Security Bulletin

Widely leveraged application delivery controller and load-balancing solution LoadMaster has been impacted by the OS command injection vulnerability, tracked as CVE-2024-1212, which could be abused to enable unauthenticated remote system access and...

SF Ballet Company was initially targeted by Meow, also known as MeowCorp or MeowCorp2022, which admitted to having exfiltrated more than 40 GB of data, including employees' personal details, payroll and work-related information, legal and insurance...

Though information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309.

If the US wants to maintain its lead in cybersecurity, it needs to make the tough funding decisions that are demanded of it.

An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored...

Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.

DeepTempo's Tempo is a deep learning-based Snowflake native app that allows organizations to detect and respond to evolving threats directly within their Snowflake environment.

RIIG is a risk intelligence and cybersecurity solutions provider offering open-source intelligence solutions designed for zero-trust environments.

The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California Polytechnic State University-San Luis Obispo; Cosumnes River College; DARK Enterprises...

Identity protection in healthcare was a dominant theme at last week’s Semperis HIP conference, with many participants offering guidance on how to improve medical cybersecurity.

Easterly has led the agency since July 2021 and was instrumental in driving the Secure by Design initiative.

Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.