Security Bulletin

The lesserknown ransomware group uses fake updaters on compromised sites to lure victims.

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.

Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.

Changes aim to tighten integration with the National Institute of Standards and Technology's Cybersecurity Framework and help organizations develop a stronger posture to handle privacy risks.

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for...

Optimization and efficiency must not come at the expense of People’s data (lives).

North Korea-linked group targets developers with job offers that lead to poisoned coding challenges.

Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.

Active Directory is one of the most vulnerable access points in an organization's IT environment. Companies cannot wait for a real attack to pressure-test their AD recovery strategy.

Foundation to support CVE Program formally announced amid news that program was saved.

Major phishing-as-a-service platform LabHost had its administrator Zak Coyne sentenced in the UK's Manchester Crown Court to 8.5 years imprisonment after he pleaded guilty to several charges related to fraudulent activity, reports Infosecurity...