Security Bulletin

Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.

An executive order is targeting former Trump appointees, including former CISA director Chris Krebs and his current coworkers, in the latest in a series of directives against those who dissented against the president and his associates.

Security experts weigh in on the problem Salt Typhoon and its hacking of telecoms poses against the United States, including what the US should do and how defenders can protect themselves.

Malicious packages lurking on open source repositories like npm have become less effective, so cyberattackers are using a new strategy: offering "patches" for locally installed programs.

Krebs is on record saying the 2020 election “was the most secure in American history.”

The Tines Essential SOAR Buyer’s Guide offers a practical, modern roadmap for evaluating and adopting next-gen SOAR platforms that go beyond alert triage to power secure, scalable automation across the enterprise.

Cyberwarfare is no longer a distant threat as tensions escalate between nations worldwide.

Failing to distinguish between data privacy and data security leaves businesses vulnerable to regulatory scrutiny and the kinds of breaches that erode consumer trust overnight.

Darktrace researchers detailed "spam bombing," a technique in which threat actors bombard targets with spam emails as a pretense for activity like social engineering campaigns.

U.S. Treasury Secretary Scott Bessent has been urged by Senate Health, Education, Labor, and Pensions Committee Chair Bill Cassidy, R-La., to activate its Committee on Foreign Investment in the U.S. to thwart China and other nation-state adversaries...