Security Bulletin

Cyber threats on satellite technology will persist and evolve. We need a comprehensive cybersecurity framework to protect them from attackers.

Mozilla has released security updates to address vulnerabilities in Firefox ESR 115.4 and Firefox 119. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...

A wave of fresh actors joining the fray helped propel a monthly tally of double-extortion victims to a new record high.

Large digital footprints offer the bad guys more vectors to launch attacks – here’s how to stay more secure by limiting the company’s footprint.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The University of Michigan had data from its students, applicants, alumni, employees, donors, patients, and research study participants compromised after its network was breached in late August, according to BleepingComputer.

CyberScoop reports that all voters in Washington may have had their data compromised following a breach at the District of Columbia Board of Elections stemming from a ransomware attack against its third-party hosting provider DataNet, which was...

Suspicious activity has been identified by widely used password manager 1Password in an Okta instance leveraged for employee-facing app management, which has been confirmed to be related to the compromise of Okta's customer support management system...

BleepingComputer reports that QNAP has worked with Digital Ocean to dismantle a command-and-control server leveraged to facilitate far-reaching brute-force attacks aimed at vulnerable QNAP network-attached storage devices just two days after...

Industrial control system and operational technology cybersecurity firm Verve Industrial Protection is set to be acquired by major industrial technology provider Rockwell Automation following the signing of a definitive agreement, reports...

Updates to the National Cyber Incident Response Plan are being worked on by the Cybersecurity and Infrastructure Security Agency and the Office of the National Cyber Director after being mandated as part of the 2023 National Cybersecurity Strategy...