Security Bulletin

Ransomware operation ALPHV/BlackCat has admitted to compromising major Canadian oil and gas pipeline operator Trans-Northern Pipelines in an attack that it claims resulted in the exfiltration of 190GB of data, according to The Register.

Widespread attacks spreading the Glupteba malware in November involved the integration of a newly discovered EfiGuard Unified Extensible Firmware Interface bootkit that has provided the botnet with self-concealment and increased stealth through the...

BleepingComputer reports that attacks exploiting a new Windows Defender zero-day flaw, tracked as CVE-2024-21412, have been conducted by the Water Hydra threat operation, also known as DarkCasino, against foreign exchange traders on New Year's Eve to...

Chinese state-backed threat operation Volt Typhoon, also known as Voltzite, has been moving to cause a significant disruption in the U.S. as evidenced by its extensive targeting of the country's critical infrastructure organizations, reports...

Thousands of organizations across the U.S. have been targeted by a new phishing campaign deploying the Bumblebee malware, which was last observed in the wild in September, according to BleepingComputer.

The finance services giant says it was hacked — and reported the incident proactively before SEC requirements mandated it. It could be an anti-extortion move, or merely a brand protection effort.

Nine new LLM-based tactics were used by Russia, Noth Korea, Iran and China-sponsored threat groups.

Threat actors first infected the Hipocrate Information System with a variant of the Phobos ransomware family — and then it spread across the nation's healthcare organizations.

Security pros say more companies will report early in 8-K filings even if there’s no “material impact.”

Cyberattacks targeting thousands of US organizations wields a new attack vector to deliver the versatile initial-access loader — and is a harbinger of a surge in threat activity.

The fixes were among 73 the software giant released in this February's Patch Tuesday.

But generative AI's ability to strengthen security and fortify defenses can keep bad actors in check.