Security Bulletin

Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.

AI's proficiency at creating software code won't put developers out of a job, but the job will change to one focused on security, collaboration, and "mentoring" AI models.

The cybersecurity firm, which is known for its behavioral AI-powered platform, plans to use the funds to expand its customer base, develop new products, and prepare for an initial public offering in late 2025, according to co-founder and CEO Evan...

Unlike traditional security measures that focus on network, cloud, or endpoint defenses, ADR embeds security directly inside the application, offering real-time visibility and protection against threats targeting custom applications and APIs.

The additional functions include analytics that assess the difficulty of upgrading an open-source software package and the potential risk of application disruption.

Acronis, which is based in Switzerland, offers the Cyber Protect Cloud platform, which assists managed service providers in safeguarding other organizations' IT infrastructure from cyber threats and backing up their critical data.

The report identified misconfiguration and inadequate change control as the leading cloud security threats followed by identity and access management issues, insecure interfaces and APIs, and poor execution of cloud security strategies -- all...

Updates to the Federal Acquisition Regulation and Defense Federal Acquisition Regulation Supplement contract requirements should be conducted by the Office of Management and Budget and the Defense Secretary, respectively, to ensure contractors'...

Most serious of the identified vulnerabilities was the high-severity flaw CVE-2024-33892, which could be exploited to enable cookie-based information exposure, an analysis from SySS GmbH researchers presented at this year's DEF CON security...

Such flaws, tracked as CVE-2024-27459, CVE-2024-24974, and CVE-2024-27903, involved OpenVPN's openvpnserv component, while another flaw relating to the Windows TAP driver, tracked as CVE-2024-1305, could be leveraged to enable denial-of-service...

Despite not specifying the malware leveraged to compromise its IT network, Schlatter revealed in a statement that it has been blackmailed by its attackers, who are believed to be demanding monetary payment in exchange for a decryption tool and the...