Security Bulletin

Mounting software supply chain attacks have prompted Synopsys to introduce the new Black Duck Supply Chain Edition software composition analysis solution, reports SiliconAngle.

The U.S. Environmental Protection Agency has disclosed that data leaked by threat actor USDoD on BreachForums over the weekend involved information that had already been made available to the public as part of the agency's efforts to provide "a...

Operations at major German database provider GBI Genios have been interrupted by a ransomware attack against its servers, which is expected to result in a days-long outage, according to The Record, a news site by cybersecurity firm Recorded Future.

Here are three new BEC tactics CISOs need to watch for.

An attacker could gain remote access to network-attached storage and execute arbitrary commands.

Why aren't we simply making a better VPN?

Varonis researchers say until Microsoft issues a patch, companies should watch their SharePoint environments for unusual activity.

The records were taken in a cyberattack against a firm providing support services for a Justice Department court case.

Google has updated its Chrome browser to support the V8 Sandbox aimed at curbing the spread of V8 memory corruption issues within the host process, according to The Hacker News.

Security Affairs reports that zero-day vulnerability research hub and acquisition platform Crowdfense has increased its exploit acquisition program to provide up to $30 million in total rewards, while expanding its scope to cover security issues...