Security Bulletin

Vulnerable CrushFTP file transfer server software instances impacted by a critical virtual file system escape zero-day have been subjected to ongoing targeted attacks that could enable the download of system files, Security Affairs reports.

BleepingComputer reports that ongoing attacks exploiting the critical Palo Alto Networks PAN-OS command injection flaw, tracked as CVE-2024-3400, could still compromise nearly 22,500 Palo Alto GlobalProtect firewall instances around the world despite...

The industry has talked about BIAs for years – and most providers still lean on cyber insurance in the wake of attack. That has to change.

A SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2024. áprilisi számában azzal foglalkozunk, hogy miért és hogyan kezdjünk karriert építeni a kiberbiztonság területén.

SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up.

Hackers claim to have obtained the records by breaching a third party with access to the database.

Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said.

Despite a pause in the rise of ransomware, organizations are failing to take the steps necessary to adequately defend themselves against the increase in attacks to come.

Security pros say threat actors gravitate towards Linux because it’s the OS of choice for many critical server functions.

A ransomware gang claimed responsibility for the attack, though it is unknown if a ransom was demanded or paid.

CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.