Security Bulletin

Over the past few weeks, bad actors from different regions have been scanning devices with the VPN for potential vulnerabilities.

In this roundtable, cybersecurity experts — including two former CISA executives — weigh in on alternate sources for threat intel, incident response, and other essential cybersecurity services.

Attackers aim to find zero-days in the PAN-OS gateways they can exploit.

The bill will allow Japan to implement safeguards and strategies that have been in use by other countries for some time.

The security vendor counters that none of the information came directly from its systems but rather was acquired over a period of time by targeting individuals.

As identity threats surge and regulations tighten, Identiverse 2025 brings the digital identity security community together to decode what’s next—and who’s leading the charge.

Google says it has created “an entirely new type of encryption” for Gmail.

The FDA's regulations and guidance aim to strike a balance between ensuring rigorous oversight and enabling manufacturers to act swiftly when vulnerabilities are discovered.

Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.

Speaking at an industry event, FedRAMP Director Pete Waterman announced the launch of “FedRAMP 2025,” calling on cloud providers to develop security innovations while the government sets standards.

The report notes a 388% increase in cloud security alerts and a 235% rise in high-severity incidents.

A continuation of the North Korean nation-state threat's campaign against employment seekers uses the social engineering attack to target CeFi organizations with the GolangGhost backdoor.