Security Bulletin

Attackers aim to steal people's personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries.

CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack.

The next few years will be pivotal in the development of identity security. Here’s some of what will happen, and some of what may happen.

Jan. 24 update from UnitedHealth indicates February 2024 ransomware breach has nearly doubled.

Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure.

After inputting valid employee emails to infiltrate Starlink's admin panel hosted on a subarucs.com subdomain, threat actors could perform password resets, omit client-side overlay, and evade two-factor authentication to access the panel's features...

Threat actors could also leverage all of the vulnerabilities to enable cellphone location tracking and connection detail exfiltration that could be used for more targeted intrusions, a study from University of Florida and North Carolina State...

Exposed by the database were customers' full names, birthdates, ages, genders, marital status, account IDs, occupations, phone numbers, physical addresses, premium amounts and annuities, and policy types, as well as employees' names, email addresses...

Such an RCE flaw, which was given a critical severity designation by Snyk, impacts the Llama Stack component, particularly in the implementation of the reference Python Inference API, which automates Python object deserialization through the risky...

Such data compromise may have been achieved through an intrusion against a third-party supplier, which did not have any access to billing or financial details, according to TalkTalk Head of External Communications Liz Holloway, who did not name the...

Attackers who infiltrated Change Healthcare using unsecured account credentials were not only able to exfiltrate individuals' names, birthdates, home and email addresses, Social Security numbers, and other government IDs but also their health...

Amateur threat actors have been targeted by the attacker using the "@shinyenigma" and "milleniumrat" aliases with the altered XWorm RAT builder, which not only exfiltrates data via Telegram bot tokens and API calls but also enables registry...