Security Bulletin

CrowdStrike CEO Kurtz majority of systems back online and he is "deeply sorry" for those still impacted.

The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories.

The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others said.

The rise in upstream attacks has cybercriminals increasingly setting their sites on technology companies.

Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.

Threat actors set up fake accounts that look legitimate on the GitHub platform.

How your organization can leverage the disruptive CrowdStrike update to become more resilient.

A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.

Our critical systems can be protected from looming threats by embracing a proactive approach, investing in education, and fostering collaboration between IT and OT professionals.

Such a draft, which expands cybercrime definitions to include crimes involving international communications technology, would prompt revisions of criminal laws to include more police powers without much consideration for human rights protections for...

Even though there has been no clear evidence indicating ongoing active exploitation of CVE-2012-4792, the vulnerability, which could enable remote execution of arbitrary code, had been leveraged in watering hole attacks deployed against Capstone...