Chinese Researchers Find Critical Security Flaws in CoDeSys Automation Software
According to an advisory by Chinese cybersecurity firm NSFOCUS, its researchers have detected 11 security vulnerabilities in the CoDeSys automation software that could lead to unauthorized access to company resources or denial-of-service attacks. The researchers claim that the bugs are simple to exploit and can have severe consequences,
US watchdog is worried cyber insurance won’t cover ‘catastrophic cyberattacks’
The US Government Accountability Office (GAO) has warned that catastrophic cyberattacks are not receiving an adequate federal response, especially since the cyber-insurance industry falls short when it comes to certain types of major attacks. The government spending watchdog warns that although the cyber-insurance market has risen and matured over
Google details commercial spyware that targets both Android and iOS devices
In a recent Google Threat Analysis Group announcement, Google warned its customers that an enterprise-grade spyware strain is targeting both Android and iOS mobile device users. The spyware variant is reportedly in active circulation, according to the security team. Google has thus far identified victims in Italy and
Yodel blames cyber incident for disruption and parcel-tracking problems
Delivery company Yodel stated that technical issues have disrupted its deliveries and services. The company has confirmed that they are working to resolve the disruptions that were caused by a cyber incident. Yodel also confirmed that as soon as they detected the cyber incident, an investigation was launched by internal
New ToddyCat APT Targets MS Exchange Servers in Europe and Asia
Researchers at Kaspersky have identified a new advanced persistent threat dubbed ToddyCat that is actively targeting Microsoft Exchange servers in Europe and Asia. The threat actor is leveraging two tools that were formerly unknown to the security researchers who discovered the threat actor, referred to as Samurai backdoor and Ninja
Phishing gang that stole millions by luring victims to fake bank websites is broken up by police
Europol has busted a phishing and fraud ring that was reportedly responsible for the theft of several millions of euros from victims. The perpetrators engaged in illicit activities such as scams, fraud, money laundering, and phishing to achieve their financial goals. Europol has also confirmed that some of
Kazakh Govt. Used Spyware Against Protesters
Security company Lookout published a report last week detailing how a Kazakhstan government entity used spyware developed by Italian company RCS Lab against protesters. The government entity leveraged the enterprise-grade spyware against domestic targets via brand impersonation that tricked recipients into clicking on malicious links. The spyware used has
Google Chrome Extensions Could Be Used to Track Users Online
According to evidence created by a web developer known as ‘z0ccc,’ some Google Chrome extensions could be used to track users online. The developer created a website that is designed to generate a fingerprint of devices based on Google Chrome extensions installed on the browser that is visiting in order
1.5 million customers impacted by Flagstar Bank data breach
Bleeping Computer has reported that a security incident impacting Flagstar Bank has led to the exposure of personal data belonging to roughly 1.5 million customers. The security incident reportedly occurred when an unauthorized third party gained access to the bank’s network. The security breach occurred between December 3 and December
WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability
Content management system (CMS) provider WordPress has updated over one million sites in order to patch a critical vulnerability that affects a popular plugin known as Ninja Forms. Wordfence threat intelligence allegedly detected the flaw in June and reported it to the company. The details were explained in an advisory