Security Bulletin

Verkada acknowledges it spammed its own customers with junk email and allowed them to be exposed to unwanted emails.

The Ohio city filed for a restraining order, claiming the researcher was working in tandem with the ransomware attackers.

The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.

Developers especially should pay attention to this VMware Fusion patch because if exploited, hackers could steal SSH keys and API credentials.

The energy kahuna said that operations were disrupted after an attack on its supporting business applications.

Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.

Malware authors have iterated on one of the premier encryptors on the market, building something even bigger and better.

Understanding through visibility, managing through governance, and anticipating through continuous deployment will better prepare organizations for the next supply chain attack.

Investigation into the data possibly compromised in the intrusion is still underway but operations of the agency were not impacted, according to an agency spokesperson, who reassured the safety of flights across the country while adding that...

Infiltration of certain CBIZ databases through the exploitation of a web page vulnerability enabled the theft of individuals' names, birth/death dates, Social Security numbers, contact details, retiree health information, and welfare plan details...