Security Bulletin

Three threat groups using the exact same scam kit stole from 90 victims, mostly during the period of June to August, using smart contracts to hijack wallets and transfer their contents without needing to bypass device security. To date, neary $3...

One of the affected healthcare providers was already reeling after losing a million records in the massive MOVEit Transfer attacks.

Red-team assessments aren't very good at validating that defenses are working, so defenders don't have a realistic sense of how strong their defenses are.

Security teams have to come to grips with the reality that even with the last-minute accommodation not requiring the disclosure of any technical details – companies still need to comply with these new rules.

UNC-0050 is targeting government agencies in Ukraine in what appears to be a politically motivated intelligence-gathering operation.

Cybersecurity forecasters foresee consolidation of platforms as well as the market in 2024, with regulations and corporate responsibility weighing heavily on CISOs and board members.

New Jersey-based population health management software firm HealthEC had personal and health information from almost 4.5 million individuals following a data breach in July, reports SiliconAngle.

Nearly 11 million SSH servers connected to the internet, or about 52% of all scanned servers in IPv4 and IPv6 environments, could be compromised with the novel Terrapin attack, which could affect SSH channel integrity in certain encryption modes, as...