Security Bulletin

A threat group known as "Void Rabisu" used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

It's been a year since its last communication and attack on Iran — but the conflict with Hamas appears to have reactivated the group.

The ransomware-as-a-service threat group has quickly become notorious for its aggressive multi-extortion tactics, the U.S. Health and Human Services' HC3 warned.

By using data to drive policy underwriting, cyber-insurance companies can offer coverage without a price tag that drives customers away.

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q3...

SaaS security is broad, possibly confusing, but undeniably crucial. Make sure you have the basics in place: discovery, risk assessment, and user access management.

The security principle of zero trust is the cornerstone of robust cloud security.

Bugcrowd signs the open letter with 55 others to ask the EU to reconsider its proposed 24-hour reporting requirement for vulnerability disclosures exploited in the wild.

A social engineering phone call lends authenticity to the attacker's malicious email.

Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts say.

CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead.