Security researchers have stopped a “credible” takeover attempt reminiscent of the recent XZ Utils backdoor incident — further highlighting the urgent need to address weaknesses in the management of open source software. Researchers at the OpenJS Foundation — which monitors JavaScript projects used by billions of websites worldwide — said Monday that they “received a […]
96% of US companies were targeted with at least one fraud attempt in the past year, according to Trustpair. 83% of US companies saw an increase in cyber fraud attempts on their organization in the past year. Fraudsters primarily used text messages (50%), fake websites (48%), social media (37%), hacking (31%), BEC scams (31%) and […]
Ransomware actors are exploiting TeamViewer to gain access to organization endpoints and attempt to deploy ransomware, highlighting the importance of maintaining strong security practices and using the latest software versions.
The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as eIDAS 2.0 – contains legislation that poses a grave threat to online privacy and security. An article buried deep in the draft text of the bill would force web browsers to place total trust in […]
Vikas Singla, the former COO of a cybersecurity company, pleaded guilty to hacking two hospitals in an attempt to boost his company’s business. Singla disrupted phone and printer services at the hospitals and stole personal information from patients.
Cybercriminals have devised a creative way to attempt to scam money from people: They use a feature of Google Forms quizzes to generate spam messages, researchers found. Abuse of Google Forms — part of the company’s free Workspace suite — has been tracked for several years, but the use of a specific feature within quizzes […]
Security researchers have discovered what they believe may be a government attempt to covertly wiretap an instant messaging service in Germany — an attempt that was blown because the potential intercepting authorities failed to reissue a TLS certificate. The suspected man-in-the-middle attack was identified when the administrator of jabber.ru, the largest Russian XMPP service, received […]