Security Bulletin

Ongoing remote code execution attacks leveraging four Juniper J-Web interface vulnerabilities, tracked from CVE-2023-36844 to CVE-2023-36847, in a pre-auth exploit chain have led to their inclusion in the Cybersecurity and Infrastructure Security...

StateScoop reports that officials at the City of Huber Heights in Ohio have confirmed that numerous city systems have been disrupted by a ransomware attack on the morning of Nov. 12.

Major Canadian financial technology firm Moneris has announced that it was able to avert an attack by the Medusa ransomware operation, which has demanded $6 million in exchange for the stolen data, reports The Record, a news site by cybersecurity...

Dragos has disclosed that it has not been impacted by a data breach after the ALPHV/BlackCat ransomware operation claimed to compromise its systems through a third-party hack, according to SecurityWeek.

ICBC claimed to have paid ransom following attack against US unit The LockBit ransomware operation alleged that the Industrial & Commercial Bank of China has provided ransom following an attack against its U.S. subsidiary ICBC Financial Services last...

While China is already among the world's most formidable threat actors, a focus on exploiting public-facing appliances makes its state-sponsored APTs more dangerous than ever.

In this Black Hat Europe preview, devices bridging critical machinery with the wider Internet are exposed and subject to numerous supply chain-induced bugs.

Today, Microsoft released patches for 64 different vulnerabilities in Microsoft products, 14 vulnerabilities in Chromium affecting Microsoft Edge, and five vulnerabilities affecting Microsoft's Linux distribution, Mariner. Three of these...

This category includes our BIND 9 Security Vulnerability Matrix as well as all of the individual BIND 9 vulnerability advisories. Please note that there are several critical documents related to vulnerability handling that apply generally to ISC...

After targeting more than 350 victims in 13 months, the prolific Royal ransomware group indicates it may change its identity, according to CISA and the FBI.

Okta's breach highlighted the importance of sanitizing the data logged in HAR files before sharing them.

Connect critical devices such as industrial control systems and physical security equipment over a private LTE network using the 450MHz band.