Security Bulletin

Aside from developing software supply chain risk evaluating guidance, CoSAI will also be advancing the creation of a framework aimed at strengthening AI risk mitigation.

Threat actors behind the attack discovered on April 13 were able to exfiltrate 6.5 TB of data, including names, birthdates, contact details, addresses, individual healthcare identifiers, Medicare numbers, and prescription information from customers...

Cyber Army of Russia Reborn targeted U.S. and European water, wastewater, hydroelectric, and energy organizations' industrial control systems with simple attacks last year.

An illegal gambling empire fueled by modern-day slavery is being propped up by high-profile sponsorships — and defended with sophisticated anti-detection software.

Attackers looking to leverage the security issue could do so remotely through the delivery of a crafted GET request to an impacted Splunk instance with activated Splunk Web.

Malicious Android APK files purporting to be from legitimate organizations have been distributed by OilAlpha via WhatsApp to facilitate victim data theft with the SpyNote trojan.

Such a novel Play ransomware version was hosted on an IP address that also contained the WinSCP, PsExec, WinRAR, and NetScan tools, as well as the Coroxy backdoor previously leveraged by the ransomware operation.

While the DHS's Federal Emergency Management System and VA's Enterprise Service Desk reported being impacted by the incident, no disruptions have been noted by the Federal Aviation Administration and the Nuclear Regulatory Commission.

Intrusions offering a fraudulent fix for the issue were reported by cybersecurity researcher g0njxa and AnyRun to have been conducted to deploy the Remcos RAT trojan.

Historic IT outage expected to spur regulatory scrutiny, soul-searching over "monoculture" of IT infrastructure — and cyberattack threats.

While regulations are unpopular in the business community, we can’t afford any more days like last Friday when airlines, hospitals and many other critical businesses went down.

2024. július 19-én a CrowdStrike kiberbiztonsági cég egy fontos érzékelőkonfigurációs frissítést adott ki a Falcon kibervédelmi szoftver részeként, amely a Windows rendszerek védelmét szolgálja. Egy váratlan logikai hiba miatt a frissítés súlyos...