Security Bulletin

This time it's the identity management service provider's cross-origin authentication feature that's being targeted by adversaries.

Georgia resident Malachi Mullings has been sentenced to a decade-long imprisonment for his involvement in business email compromise and romance scams, reports The Record, a news site by cybersecurity firm Recorded Future.

The U.S. Department of Justice announced wire and computer fraud charges against Russian initial access broker Evgeniy Doroshenko, also known as Flanker and FlankerWWH, for allegedly engaging in the sale of access to U.S. corporate networks in a...

DefenseScoop reports that the Army Cyber Command's Panoptic Junction Tool has been chosen by the Defense Department's U.S. Cyber Command to fulfill provisions under President Joe Biden's artificial intelligence executive order that mandates the...

Members of the House Armed Services Committee have approved an amendment to the upcoming fiscal year's defense authorization bill proposed by Reps. Morgan Luttrell, R-Texas, and Chrissy Houlahan, D-Pa., that would mandate an independent evaluation on...

The U.S. is believed by former Defense Secretary and retired Gen. Jim Mattis to be most at risk of being impacted by severe foreign influence operations during the upcoming presidential polls as both Russia and China ramp up their "propaganda...

Open authentication standards industry group FIDO Alliance has moved to strengthen biometric security amid concerns regarding bias and security threats with its new Face Verification Certification program that uses at least 10,000 tests for biometric...

SecurityWeek reports that Cigent Technology has introduced a new endpoint data protection platform that provides data encryption and exfiltration protections in an effort to avert ransomware compromise.

UK public service broadcaster BBC had information from nearly 25,290 current and former employees exfiltrated following a data breach of its occupational pension scheme, which is one of the largest across the country, according to The Guardian.

Mounting backlogs of unanalyzed and unenriched software and hardware flaws submitted to the National Institute of Standards and Technology's National Vulnerability Database since funding cuts were conducted in early February have prompted the agency...

CNN reports that operations at major U.S. nonprofit hospital network Ascension continue to be hobbled by a ransomware attack earlier this month, which nurses at its hospitals noted have begun to endanger patient safety amid the lack of "safety...

By adopting a stance of coordinated disclosure for exploits, security researchers can give organizations time to patch vulnerabilities before they are exploited in the wild.