Security Bulletin

Makers of IoT and embedded devices are about to face stringent regulations around firmware development, documentation and support. Here's why they'll need automation to keep up.

Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.

The phishing-as-a-service (PaaS) kit targets Microsoft 365 and Gmail environments.

A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.

Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on...

A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it's downright difficult to count them all.

Some of the brightest minds in the industry will discuss how to strengthen cloud security.

As federal cybersecurity leadership falters, the private sector must take charge of national cyber resilience through frameworks, collaboration, and bold new leadership.

BleepingComputer reports that Fourlis Group, which operates IKEA stores in Greece, Bulgaria, Romania, and Cyprus, has lost $22.8 million in sales following a ransomware attack just two days before Black Friday, which disrupted store and e-commerce...