Security Bulletin

The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.

Here are three practical ways SOC teams can get started leveraging AI to make their operations more secure.

US federal agencies have to disconnect, rebuild, and reconfigure all Ivanti Connect Secure and Policy Secure VPN appliances. This Tech Tip lists all the steps that need to happen.

The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell.

Threat actors linked to the People's Republic of China, such as Volt Typhoon, continue to "pre-position" themselves in the critical infrastructure of the United States, according to military and law enforcement officials.

Everyone knows to patch vulnerabilities for Internet-facing assets, but what about internal ones? One botnet is counting on your complacency.

CISA urges federal and private-sector organizations to disconnect Ivanti VPNs vulnerable to zero-day flaws.

It is imperative that healthcare and health-tech companies move beyond reactive measures and adopt a proactive stance in safeguarding sensitive patient information.

The initiative is aimed at promoting policy, ethics, and expansion of AI in the country.

Cybersecurity Maturity Model Certification (CMMC) and a harden, detect, and respond mindset are key to protecting defense and critical infrastructure companies.

New sanctions aim to disrupt their cyber and financial operations.

The Justice Department and FBI confirmed they had disrupted the botnet run by a Chinese APT group targeting U.S. critical infrastructure.