Security Bulletin

Companies must recognize AI's utility, while setting clear boundaries to curtail unsafe utilization.

The attackers also use custom wipers to cover their tracks and bypass EDR.

Cerber ransomware attacks started over the weekend, just days after “critical information” about the now-patched Atlassian Confluence vulnerability was posted online.

To combat sophisticated threats, we need to improve how we approach authorization and access controls.

The Biden AI EO lacks depth – the industry needs to get more involved, and NIST must offer some strong guidance.

Attacks leveraging the Amadey and PrivateLoader malware to deploy the Socks5Systemz proxy botnet have compromised 10,000 devices around the world since the beginning of October, most of which are from India, the U.S., Brazil, Colombia, and South...

Mandiant/Google Cloud’s Jill C. Tyson offers up timelines, checklists, and other guidance around enterprise-wide readiness to ensure compliance with the new rule.

Several WhatsApp mods for Android have been used by threat actors to facilitate the deployment of the CanesSpy spyware, The Hacker News reports.

The Register reports that U.S. insurance and advisory services provider Hilb Group had 81,539 individuals' personal data compromised following a breach of employee email accounts earlier this year.

Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.

Ransomware attackers have reportedly targeted India-based IT consulting firm Infosys' U.S.-based subsidiary McCamish Systems, The Times of India reports.