Security Bulletin

Danish energy sector attacks attributed to Russia's Sandworm APT turn out to be the work of a new concern: cyber opportunists.

Patches will be available in late January and February, but until then, customers must take mitigation measures.

The cybersecurity company, a Google subsidiary, said a 2FA policy change on X helped enable the “brute force” attack.

"In 2024, SaaS applications will present the next biggest attack surface that organizations have not yet addressed," says Adam Gavish, CEO and co-founder, DoControl.

Large mortgage company did not use the word “ransomware” in its 8K filing, but security experts say the evidence points to a likely ransomware attack.

Dubai Police are issuing warnings about highly indexed websites that mimic popular online destinations, like the city's travel card top-up site.

Seven months after our first investigation, a fuller portrait of the criminal gang and its tactics emerges

Thirty-three percent of public firms around the world were found to be unprepared for new bulk email sending requirements by Google and Yahoo mandating the use of Domain-based Message Authentication Reporting and Conformance technology for the...

SecurityWeek reports that more details regarding the Stuxnet malware, which is thought to be co-developed by the U.S. and Israel in 2010 to target Iran's nuclear infrastructure-related industrial control systems, have emerged following a two-year...

Data breach at HMG Healthcare hits dozens of facilities Texas-based healthcare services provider HMG Healthcare had data from residents and employees across 40 nursing facilities in the state and Kansas compromised following the hack of its server in...

Apache's open-source software utility collection Hadoop and open-source, unified stream-processing, and batch-processing framework Flink are being targeted in new malware attacks that involve packers and rootkits to evade detection, SiliconAngle...

BleepingComputer reports that major organizations are having their employees targeted by new phishing attacks exploiting messages concerning annual Human Resources department tasks to facilitate credential exfiltration activities.