Security Bulletin

Almost two-thirds of city and county officials noted having inadequate cybersecurity budgets even though 55% had increased spending this year, compared with 7% who noted reduced cybersecurity allocations, StateScoop reports.

Mounting cyberattacks against K-12 schools and libraries across the U.S. since the school year began in August have prompted the Federal Communications Commission to propose a new "Schools and Library Cybersecurity Pilot Program," reports The Record...

SecurityWeek reports that three new vulnerabilities impacting SAP software have been addressed as part this month's Security Patch Day.

Vulnerable Apace ActiveMQ instances impacted by the maximum severity bug, tracked as CVE-2023-46604, could be exploited to achieve arbitrary code execution from memory through a new proof-of-concept exploit, The Hacker News reports.

Denmark had operations at 22 of its energy firms significantly disrupted in ongoing coordinated intrusions that involved the exploitation of a vulnerability in Zyxel firewalls since May, which is the country's largest cyberattack yet, according to...

Samsung has disclosed that its UK online store was impacted by a cyberattack, which compromised data from purchasing customers between July 1, 2019, and June 30, 2020, reports BleepingComputer.

ALPHV/BlackCat criminals alleged digital lending firm MeridianLink failed to report a breach the hacking group executed.

Plume claimed to be subjected to data breach Hackread reports that U.S. smart Wi-Fi service provider Plume was claimed to have had more than 20GB of files from its Wi-Fi database stolen by threat actors introducing themselves as MonkeyInject.

BleepingComputer reports that U.S. financial software firm MeridianLink has been snitched on by the ALPHV/BlackCat ransomware operation in a complaint filed with the U.S. Securities and Exchange Commission, alleging the company's failure to disclose...

U.S. organizations have been warned by the FBI and the Cybersecurity and Infrastructure Security Agency regarding attacks by the Rhysida ransomware operation, which have already impacted manufacturing, healthcare, government, education, and...

Academics in Germany figured out how to reverse time in AMD virtualization environments, then reap the spoils.

While Intel released a fix for the Reptar flaw — and that’s good — security pros say teams must keep the BIOS, OS, and drivers updated as a matter of course.