Security Bulletin

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.

Though TikTok is expected to adhere to certain COPPA-outlined measures, the social media giant has failed to meet those expectations, the Feds allege.

The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.

App developers can expect the government to crack down on companies that violate privacy rights – especially apps targeted towards children.

The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

Researchers from Graz University of Technology showed how the vulnerability worked across nine CVEs.

Cybersecurity startup LeakSignal, a finalist in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environments.

Cybersecurity startup Knostic, a finalist in this year's Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data doesn't get leaked.

Aside from not implementing adequate safeguards to prevent sign-ups from children younger than 13 without parental consent until late 2020, TikTok also has a "convoluted" data deletion process and has not adhered to parents' requests to remove data...

Global UK-based immigration services provider Sable International had its customers emailed by the BianLian ransomware operation in a bid to pressure ransom payment following an advanced cyberattack that disrupted the firm's servers, website, and...

Intrusions leveraging the flaw against impacted modules on the 1756 chassis containing the devices' communication processors, controllers, and I/O modules could result in the execution of common industrial protocol commands enabling the alteration of...