TripAdvisor is taking a proactive approach to prevent its users from falling victim to credential stuffing attacks by invalidating member passwords if the password and corresponding email address were found in publicly leaked data breach databases. Credential stuffing attacks, in which a threat actor uses leaked or stolen login credentials

While United States President Donald Trump abruptly canceled strikes on Iranian targets last Thursday, the US did launch attacks on Iran in cyberspace that day, US officials said this weekend, adding that Trump had approved the offensive measures. US Cyber Command took down Iranian systems used by Iran’s Islamic Revolutionary

In the latest episode in the technological cold war between the US-China, the US Department of Commerce has added five Chinese organizations to its list of foreign entities that are considered a security risk. The list was established last month when US President Donald Trump signed an executive order enabling

Netlab researchers are warning that the Free-Socks.in proxy service is a front for a criminal operation, as the service runs on top of a massive botnet consisting of 2,692 WordPress sites, nearly half of which are hosted in the US. The compromised websites have been infected with the Linux.Ngioweb backdoor

A security incident at the highly popular WeTransfer file sharing service has violated the privacy of an unknown number of users whose files were sent to the wrong people. The incident occurred on June 16th and 17th. WeTransfer is informing impacted users, and claims that it does not yet know

Last week, the City Council of Riviera Beach stated that its decision to pay $600,000 in ransom to threat actors that infected the city network with ransomware, was made based on the advice of external security consultants. This move was criticized by many in the cybersecurity industry, because paying up

A recent ransomware attack on forensics firm Eurofins has impacted operations of the UK police department, which is now dealing with an increasing backlog of pending forensic investigations. Eurofins provides various types of forensic services, including DNA analysis, toxicology, ballistics and computer forensics work. It is believed that the UK

A new RiskIQ shows that the number of blacklisted mobile apps increased by 15% between Q4 of 2018 and Q1 of this year. However, Google is increasingly successful at barring malicious Android apps from its official app store, resulting in a 64% decrease of blacklisted apps hosted on Google Play

In the midst of rising US-Iran tensions, security researchers with Crowdstrike and Dragos have uncovered a new Iranian cyber campaign targeting organizations in the United States. The state-backed Iranian hacking group APT33 (aka Magnallium, or Refined Kitten) is behind the phishing campaign that has targeted around half a dozen organizations

A new report by SafeBreach warns that millions of Dell computers are at risk of being remotely compromised by threat actors due to a critical vulnerability in SupportAssist, a hardware-diagnostics tool that comes preinstalled on all Dell machines. The flaw affects a SupportAssist component made by PC-Doctor. As many as 100