Security Bulletin

The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers.

From sustainability goals, to seamless collaborations, and innovative API strategies, Meraki developer sessions are set to be a highlight of this event.

A sporty, modular downloader allows hackers to cherry-pick their exploits — in this case, two powerful tools for gaining admin access in a Windows system.

A top financial entity warned that its brand is being used to spread cyber scams, as fraud efforts persist throughout the country.

A critical zero-click account takeover exploit affects GitLab Community and Enterprise Editions.

Misunderstanding the permissions of an authentication group in Google Kubernetes Engine (GKE) opens millions of containers to anyone with a Google account.

A psyop targeting ordinary moviegoers is the latest in a string of similar attacks in the country since Oct. 7.

For the second time in a week, a leading tech firm revealed it was compromised by APT29.

Establishing a unified and comprehensive security framework in a multicloud, hybrid work environment is challenging. Attackers are more sophisticated than ever, coupled with a need to constantly ingest new vendors and new tools—we are at an...

Post-SolarWinds, it's no longer enough for chief information security officers to remain compliant and call it a day.

While technology innovations promise to deliver significant results for business managers, the reality of implementation and adoption is often very different. This blog from IDC shares how life-cycle services can help.