Security Bulletin

The future of cybersecurity will be shaped by how well we manage the explosion of NHIs.

The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.

A 28-year-old Ukranian man admitted to being the mastermind behind one of the most notorious pieces of malware on the internet.

The third-party actor had access for two days, in the financial services company's second major breach of the year.

The European Union's new sanctions framework will target individuals and organizations engaging in pro-Russian activities, such as cyberattacks and information manipulation, to undermine EU support for Ukraine.

In its latest Windows preview, Microsoft adds a feature — Administrator Protection — designed to prevent threat actors from easily escalating privileges and restrict lateral movement.

Fidelity maintains that there’s no indication of a ransomware incident – and that no funds were stolen.

When employees and leaders engage with CISOs early in innovation projects, security concerns are addressed proactively, building trust and ensuring innovation and security coexist.

Vulnerability prioritization has evolved over the years. Several frameworks exist to help organizations make the right decisions when it comes to deciding which patches to apply and when. But are these better than a Magic 8 Ball?

Aside from featuring over 40 million signals from the DNS Research Federation's data platform and the Global Anti-Scam Alliance's comprehensive stakeholder network, the Global Signal Exchange will also contain more than 100,000 bad merchant URLs and...

Such breaches, which were pinned on the dismal security measures of Marriott and subsidiary Starwood Hotels & Resorts, resulted in the exfiltration of individuals' email addresses, birthdates, and other personal details, as well as their passport...

Most serious of the resolved vulnerabilities was the critical OS command injection issue, tracked as CVE-2024-9463, which could be exploited to expose firewalls' usernames, cleartext passwords, API keys, and configurations.