Security Bulletin

While the 2024 election may see various cyber threats, existing security measures and coordination across all levels of government aim to minimize their impact.

SecurityWeek reports that Apple has sought the dismissal of a lawsuit it filed against Israeli spyware maker NSO Group three years ago amid recent developments that could threaten the exposure of threat intelligence and other sensitive data required...

Restoration of the servers has allowed the resumption of business with third-party suppliers and dealers, according to the major Japanese motor vehicle manufacturer's European arm, which confirmed the temporary isolation of all its servers but did...

Attackers were able to compromise 23andMe over five months beginning April 2023, enabling access to 5.5 million DNA Relatives profiles and details from 1.4 million users of the Family Tree feature, said the company in a disclosure in October.

Attackers may have obtained certain Port data in mid-to-late August before proceeding with encrypting such information, resulting in the outages of its baggage, ticketing, Wi-Fi, and reserved parking services, as well as check-in kiosks, passenger...

More than 30 organizations have already been compromised by 3AM, with its two most recent victims claimed in April and May having only 10% of their stolen data exposed so far by the ransomware gang.

Numerous social engineering tactics have been leveraged by threat actors to deploy Ajina.Banker, including fake banking, government, and utility apps, as well as malicious links purporting to be for promotions or offers spread via Telegram, a report...

The vulnerability, which impacts Ivanti CSA 4.6 that has recently reached end-of-life, could be leveraged to enable remote code execution, according to Ivanti, which urged immediate upgrades to Ivanti CSA 5.0.

Attacks involved the utilization of a fraudulent Google Chrome app, which when installed triggers a prompt for updating Google Play Services and eventually downloads TrickMo as "Google Services" before seeking the approval of accessibility...

Attacks as part of the campaign, which commenced in late August, involved the Amadey malware spreading a credential-flushing AutoIT script, which would launch a URL for replacing Google account passwords in kiosk mode and establish parameters that...

Aside from noting that a potential compromise of publicly available voter registration details would not affect the process or results of the upcoming election, both the FBI and CISA emphasized that there has been no indication of any intrusion that...

Here are three tips for safeguarding confidential computing in AI environments.