Cisco Talos has reportedly uncovered eight vulnerabilities in the Open Automation Software, a popular industrial control system (ICS) platform. Two of the flaws are categorized as critical, meaning that they pose a risk for infrastructure networks and should be addressed immediately. Exploiting the flaws could lead to remote code execution

According to Human Rights Watch (HRW), students who were required to use government-endorsed education technology, also referred to as ed tech, during the Covid-19 pandemic may have been subject to a variety of harmful cyber practices, such as keystroke monitoring and data collection. In addition, the HRW alleges that the

Interpol has announced that the organization was able to track down and apprehend the suspected leader of a transnational cybercrime syndicate. The 37-year-old individual was arrested in Nigeria and is believed to have lead major phishing campaigns, business email compromise schemes, and other malicious behavior that targeted companies and individuals.

Google has released a new version of Chrome, Chrome 102, that contains 32 security fixes applying to Windows, Mac, and Linux devices. The vulnerabilities were allegedly reported to Google by external researchers and consist of one critical flaw, eight high severity, nine medium severity, and seven low severity. In addition

According to a new Senate report by the US Senate Committee on Homeland Security and Governmental Affairs, the US lacks comprehensive data regarding ransomware attacks. This includes details such as financial losses both in ransom payments and to companies while suffering from the attack and attempting to remedy the effects.

Cybersecurity researchers claim that the Fronton botnet boasts a far larger arsenal of abilities than just launching a DDoS attack. Researchers allege that the botnet can track social media trends and launch suitable propaganda in addition to its cyberattack skills. A new look at the botnet reveals that the criminal

Microsoft has reported that card-skimming malware that aim to steal bank card details are increasingly turning towards utilizing malicious PHP script on web servers to manipulate payment pages. This enables the attacker to bypass browser defenses triggered by JavaScript code. Microsoft says that its researchers have observed the shift in

The US Department of Justice (DoJ) recently announced that it will not prosecute “good faith” hackers in a historic policy shift. Up until this point, even white hat hackers could be prosecuted under the Computer Fraud and Abuse Act (CFAA), even when done to improve cybersecurity. The DoJ identified good-faith

According to the Shadowserver Foundation, who first discovered the security incident, more than 380,000 of 450,000 Kubernetes servers hosting the open-source container-orchestration engine for managing cloud deployments are vulnerable to third party access. The popular engine for managing cloud deployments is therefore an easy target, providing a broad attack surface

According to a public notice released by the Texas Department of Insurance, the personal information of roughly two million Texans was left exposed on the internet for three years due to a programming issue. The department stated that the details of workers who have filed compensation claims were left unsecured