On Tuesday, Cybersecurity firm Malwarebytes conceded that it was targeted by the same hackers responsible for the SolarWinds attack, in which suspected Russian nation-state hackers compromised the systems of the IT management company in a sophisticated supply chain attack. Although Malwarebytes has not used any SolarWinds products, an internal investigation

Cyber researchers have found a set of seven flaws in the open-source software Dnsmasq. The vulnerabilities could allow for Domain Name System (DNS) cache poisoning attacks and remote code execution. Dnsmasq is a popular service used to catch DNS responses for both home and commercial routers and servers. The flaws

In the wake of the SolarWinds breach in which several key US agencies were hacked in an espionage campaign likely perpetrated by Russian actors, security experts are voicing concerns regarding how organizations manage and implement cybersecurity best practices. It may be necessary for entities to change how they vet vendors

The Chinese hacking group referred to as Chimera has allegedly been stealing airline passenger details over the past few years with the goal of tracking the movement of persons of interest. Chimera has been tracked by cybersecurity groups and is believed to be operating in the interest of the Chinese

Microsoft is allegedly pushing a domain controller “enforcement mode” by default to help mitigate the threat posed by the critical Zerologon flaw. Microsoft is aiming to force all companies to update their systems and address the flaw, as it represents a severe security risk to businesses, agencies, and organizations. Microsoft

The Russian cryptocurrency exchange company Livecoin has announced that it is shutting down permanently due to a cyberattack in which cybercriminals took control of Livecoin systems. The cyberattackers were aiming to tamper with exchange values. Exchange rates for currencies such as Bitcoin were changed by thousands of USD. Livecoin requested

An unintentional erasure has plagued the United Kingdom’s government as employees rush to recover data. A technical issue seemingly caused 150,000 arrest records to be wiped from nationwide police databases. Initial investigation has pointed to human error and defective code that earmarked the wrong files for deletion as the culprit.

Google has removed roughly 164 malicious Andriod apps that have been downloaded a total of 10 million times from its Google Play marketplace. Google’s reasoning behind removing the apps is that they were delivering malicious and disruptive advertisements. The move is similar to last year’s crackdown on out-of-context ads. The

US cybersecurity official Rob Joyce has been named the new leader of the National Security Agency’s (NSA) Cybersecurity Directorate. Joyce was previously the NSA’s top representative in the UK. Joyce will replace Anne Neuberger, who was recently appointed Deputy National Security Advisor for Cyber and Emerging Technology on the National

The Scottish Environment Protection Agency (SEPA) confirmed this week that they are still struggling to mend systems after a ransomware attack hit the agency last month. SEPA stated that its contact center, internal systems, processes, and internal communications have all been impacted by the attack. The attack occurred on Christmas