The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI issued an alert to inform the higher education sector about the availability of login credentials on dark web forums that can be used by threat actors to launch attacks against individuals and o

The FBI issued an alert on Thursday to inform the higher education sector about the exposure of credentials that can allow threat actors to access user accounts or an organization’s network.According to the FBI, cybercriminals have been selling usernames and passwords on various public and dark web forums.The agency has provided three examples. One example,

SYN Ventures, a Florida-based venture capital firm placing early-stage bets in cybersecurity startups, has closed a new $300 million fund and announced the addition of serial entrepreneur Ryan Permeh as full-time operating partner.SYN Ventures, which has already invested in more than a dozen security-focused startups, said the new fund will be used to target

Every year, the IBM Security X-Force team of cybersecurity experts mines billions of data points to reveal today’s most urgent security statistics and trends. This year’s X-Force Threat Intelligence Index 2022 digs into attack types, infection vectors, top threat actors, malware trends and industry-specific insights.  This year, a new indus

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforce the government’s commitment to addressing cyber threats and increasing the resilience of the country to cyber attacks.

While neurodiverse candidates don’t fit the traditional mold of applicants, they can often excel at highly focused, analytical workAt a time when there countless unfulfilled cybersecurity positions worldwide, too many companies overlook neurodiverse candidates in their hiring processes. This a huge mistake as people with autism, dyslexia, and other

An unnamed Nigerian man has been arrested over his alleged role leading a cybercrime group that specialized in phishing and business email compromise (BEC).The arrest, announced on Wednesday by Interpol, is the result of an international operation involving law enforcement and several cybersecurity companies.In December 2021, Nigerian police arrested 11 peop

At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune stealing the personal data of hundreds of millions of Americans.Now he has been recruited by his own authoritarian government to hunt, he says, the kind of cyber criminal he once used to be.After serving seven years in US prisons for stealing some 200 million Americans' personal deta

Endpoint security company Tanium and risk management solutions provider Reciprocity have each announced free risk assessment offerings this week.Tanium is offering what it describes as a comprehensive five-day risk assessment that leverages the company’s platform, a cloud-based delivery model, and Python-based script automation.A risk score is calculated bas

Cybersecurity company Trend Micro has updated one of its products to patch a vulnerability that has been exploited by a threat actor linked to China.The threat actor’s activities have been analyzed by endpoint security firm SentinelOne, which tracks the group as Moshen Dragon. Some overlaps have been found with groups tracked by others as RedFoxtrot and Noma

Many modern businesses in almost every sector of the economy are adopting the latest technologies for greater connectivity and efficiency. However, while many of these technologies offer myriad benefits, they can also create new cybersecurity vulnerabilities.While much of the focus has remained on manufacturers and how they can bolster their cybersecurity ef

The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for the Android kernel and Cisco IOS XR.The added vulnerabilities come from a wide range of years, with the oldest disclosed in 2016 and the most recent being a Cisco IOS XR vulnerability f

The beauty of having different climates around the world is that there is always somewhere we can travel for leisure all year round. These are times when we tend to relax and let our guard down. The reality, though, is that cyber crime knows no vacation. Attackers are relentless and are always on the lookout for the easiest path to their next prey. That mak

Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community.On May 19, researchers reported that GitHub was hosting malicious software disguised as PoC exploits for a couple of Windows vulnerabilities that Microsoft fixed with its Apr

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 16, 2022. I’ve also included some comments on these stories. Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE