Researchers at Trustwave have uncovered more malware as part of a malware campaign hiding backdoors in mandatory Chinese tax software, highlighting the fact that the campaign may be more extensive than previously thought. Last month, Trustwave warned that it had found the GoldenSpy backdoor installed on several clients’ systems after

The Department of Homeland Security recently released an alert for a bug that allows attackers to eventually read and modify financial records, change banking details, read PII, administer purchases, disrupt operations, achieve command execution, and delete or modify files. The vulnerability holds the highest severity score and is found in

Microsoft’s July Patch Tuesday updates include a critical vulnerability in Windows DNS servers, which is likely to be exploited by threat actors if left unpatched on systems. The Patch Tuesday updates include over 100 fixes for various bugs ranging in severity. The most critical, CVE-2020-1350, is a wormable remote code

According to research conducted by the Identity Theft Resource Center (ITRC), publicly reported US data breaches have declined by 33% in the first half of 2020. Compared to the first half of 2019, 2020 has shown a significant decrease in US identity compromises. ITRC’s analysis also shows that breaches impacting

The US Secret Service has announced that it plans to create a new task force to tackle financial crimes and cyber fraud. This move shows that the government recognizes the growing convergence of classic financial crimes and financial crimes that are sophisticated with a cyber element. The announcement consists of

Last summer, the MGM Hotel chain was hit with a cyberattack that now appears to be more expansive than previously estimated. Researchers stumbled upon a database on a dark web market listing 142 million personal details from former guests at the MGM Resorts hotels. This is evidence that the data

According to researchers at Ben-Gurion University, video conference users should refrain from posting screenshotted images of Zoom, Microsoft Teams, and Google Meet conference sessions. The researchers easily identified users from public screenshots of video meetings on the platforms. With the pandemic and the shift to teleworking, video conferencing has increased

Yevgeniy Nikulin has finally been convicted of launching cyberattacks against LinkedIn, Dropbox, and Formspring that resulted in millions of customer accounts being breached. Nikulin has spent years in custody after his initial arrest in Prague in 2016. Nikulin remained in Prague for over a year, eventually brought to the US

A recent security report from German think tank Fraunhofer Institute analyzed 127 popular home routers and concluded that most contained at least one critical security flaw. The devices, including popular ones from Netgear, Linksys, and D-Link, all contain serious vulnerabilities that are not patched in updates. The report explained that

According to an agreement adopted recently by 53 countries, cars in jurisdictions including Japan, South Korea, and the EU will be required to make sure connected vehicles are protected from cyberattacks. The UN regulation does not include the US, however, it tasks national authorities responsible with approving car models before