Security Bulletin

This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q4 2023. It was last updated on January 19, 2024.OctoberWe terminated 8 Y…

The industry needs to break away from old-style certifications and focus more on continuous improvement, hands-on training, and realistic simulations.

Though reports say this latest Ivanti bug is being exploited, it's unclear exactly how threat actors are using it.

Russia-backed threat group targeting critical infrastructure and leading NGOs and NATO governments, including attacks on U.S. nuclear research facilities.

An IANS survey shows that CISOs shoulder more and more legal and regulatory liability for data breaches, but few are getting the recognition or support they need.

The Charming Kitten-related cyber-espionage group is posing as legitimate journalists and researchers to get intel on the Israel-Hamas war.

Australia's Essential Eight Maturity Model still doesn't address key factors needed to protect today's cloud and SaaS environments.

Ambient light sensors on smart-device screens can effectively be turned into a camera, opening up yet another path to snooping on unwitting victims.

The agency aims to build a more robust cybersecurity posture for the nation.

Infosec advocacy group warns that poor patching practices and reliance on cracked software increases risk.

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further...