Security Bulletin

The lab, which was described as part of the "new AI arms race," will receive initial funding of around $10.3 million from the government, with additional contributions expected from private industry partners through a catalytic model.

Morgan Adamski, executive director of U.S. Cyber Command, revealed that these operations aim to secure strategic advantages by compromising systems essential for national functionality, such as energy, water, and IT infrastructure.

Between August and October, the detection of fraudulent e-commerce sites rose by 110%, with tens of thousands of these hosted on SHOPYY, a Chinese e-commerce platform exploited by cybercriminals.

The program seeks to incentivize high-impact security research while strengthening collaborations with external researchers.

Attackers could exploit the Data Virtualization Manager for z/OS flaw, tracked as CVE-2024-52899, to facilitate malicious JDBC URL parameter injections and run arbitrary code, while the Security SOAR prototype pollution issue, tracked as CVE-2024...

The lessons I've learned soaring through the skies have extended far beyond the runway.

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.

Enterprise cybersecurity teams tell Omdia's Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model — but they are finding that tricky to pull off.

GenAI's 30%-50% coding productivity boost comes with a downside — it's also generating vulnerabilities. Veracode's Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.

The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.

Here’s five ways to detect attackers before they do any harm

With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.