Security Bulletin

Ivanti is advising administrators to get up to date on their patches following a new spell of exploits against Endpoint Manager (EPM).

Ivanti reports that the bug is being actively exploited in the wild for select customers.

"Pig butchering," generative AI, and spear-phishing have all transformed digital warfare.

Although the veto was a setback, it highlights key debates in the emerging field of AI governance and the potential for California to shape the future of AI regulation.

Misconfigurations leaked the full names, emails, personal and work phone numbers, and financial application usernames belonging to clients of Dominican Republic's Asociacion La Nacional de Ahorros y Prestamos, Mexico's Caja Mitras and Caja Buenos...

Aside from ensuring OT system and process awareness, organizations should also strengthen cyber incident investigation and response efforts, bolster OT data protections, separate OT networks from IT networks, and include their vendors and managed...

Attacks by CeranaKeeper involved the deployment of the Mustang Panda-linked TONESHELL backdoor, a credential dumping tool, and a legitimate Avast driver before proceeding with the delivery of the WavyExfiller Python uploader for data gathering, the...

Attackers purporting to be Royal Mail distributed malicious emails about a failed package delivery with a PDF attachment that included a link redirecting to a Dropbox-hosted ZIP file, which then facilitated the execution of Prince ransomware.

Such websites, which are operated under "AI Nude" and are advanced by black hat SEO techniques, promise the conversion of uploaded photos into deepfake nudes but display a link, which when clicked redirected to another site with the password and link...

Both iOS and Android devices have been targeted with attacks involving the fake app dubbed "SB-INT," which lured victims into manually trusting the Enterprise developer profile before triggering the registration process that would seek additional...

Such record-breaking intrusion has been thwarted alongside more than 100 other hyper-volumetric L3/4 DDoS attacks of similar intensity that have been launched against organizations in the telecommunications, financial services, and internet...

Businesses that successfully manage the complexities of multicloud management will be best positioned to thrive in an increasingly digital and interconnected world.