News and Alerts

Federal Agency Again Honors Texas A&M University System For Success in Protecting U.S. Secrets, Technology

For the second time in three years, the Texas A&M System won the Defense Counterintelligence & Security Agency Award for Excellence in Counterintelligence. The award is given for work to protect sensitive information from foreign spies. The System holds the distinction of being the only higher education institution to win the award more than once.
May 15, 2020

‘I’m Calling About Your Car Warranty’, aka PII Hijinx
Black Hat: Researchers created 300 fake identities, signed them up on 185 legit sites, then tracked how much the sites used signup PII to pester the accounts.
Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms
A researcher was able to remotely control the lights, bed and ventilation in "smart" hotel rooms via Nasnos vulnerabilities.
Black Hat: Let’s All Help Cyber-Immunize Each Other
We're selfish if we're only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let's be like doctors battling COVID and work for herd immunity.
Phishing Campaign Dangles SharePoint File-Shares
Attackers spoof sender addresses to appear legitimate in a crafty campaign that can slip past numerous detections, Microsoft researchers have discovered.
We COVID-Clicked on Garbage, Report Finds: Podcast
Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020.
Iranian APT Lures Defense Contractor in Catfishing-Malware Scam
Fake aerobics-instructor profile delivers malware in a supply-chain attack attempt from TA456.
Ransomware Volumes Hit Record Highs as 2021 Wears On
The second quarter of the year saw the highest volumes of ransomware attacks ever, with Ryuk leading the way.
Raccoon Stealer Bundles Malware, Propagates Via Google SEO
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
‘DeadRinger’ Targeted Exchange Servers Long Before Discovery
Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017.
‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics
Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware.