For its GET Mobile app, CBORD publishes a list of commands available through its API, which can be controlled using a student’s credentials. But the API was not checking if the credentials were valid.

The ethics watchdog, which regulates lobbying at the State Capitol, said on Friday that an investigation had been launched to determine the scope of the attack and who was behind it.

The healthcare services provider discovered the incident on December 18, when some of its IT systems were disrupted, but learned of the potential data theft only a couple of weeks later.

According to a new announcement, Boise State University (BSU) has partnered with Stellar Cyber to launch a new program to improve cybersecurity in Idaho’s rural and remote communities.

A group of academics have demonstrated what they say is the “first side-channel attack” on homomorphic encryption that could be exploited to leak data as the encryption process is underway.

CardinalOps, which is a threat coverage optimization company, on Thursday announced raising $17.5 million in a Series A funding round that brings the total raised by the firm to $24 million.

According to Barracuda, the past couple of months were characterized by dips and spikes in the targeting of Log4Shell, but the volume of exploitation attempts has remained relatively constant.

In a new study, eighty-four percent of organizations reported falling victim to a phishing attack last year, Egress said, and of those 59% were infected with ransomware as a result.

Cisco this week announced patches that address a couple of critical vulnerabilities in its Expressway Series and TelePresence Video Communication Server (VCS) unified communications products.

These DDoS tools collect personal data that can make users identifiable, such as IP address, country code, city, location based on IP address, username, hardware configuration, and system language.