Security Bulletin

Global B2B data aggregation firm DemandScience, formerly known as Pure Incubation, was confirmed by cybersecurity researcher Troy Hunt to have owned the 122 million business contact details stolen and exposed by threat actor KryptonZambie in February...

Speaking to SC Media at the Hybrid Identity Protection Conference, Inglis outlined how intentional choices can either fortify or undermine an organization’s defenses.

The Embargo ransomware group has claimed targeting U.S. independent pharmacy cooperative American Associated Pharmacies in an attack, which purportedly resulted in the theft of 1.469 TB of data, reports The Register.

Chinese malware attack hits Tibetan websites Tibetan organizations Tibet Post and Gyudmed Tantric University had their websites breached by suspected Chinese state-backed threat operation TAG-112 in late May to spread the Cobalt Strike beacon and...

Mounting tensions in the Middle East have been exploited by Hamas-affiliated threat operation WIRTE which had been linked to the Gaza Cyber Gang, also known as TA402 and Molerats as it sought to broaden intrusions against organizations across Israel...

BleepingComputer reports that Ukrainian organizations have been subjected to suspected Russian cyberattacks involving the newly fixed Windows NTLM Hash Disclosure spoofing flaw, tracked as CVE-2024-43451, since June.

In the future, the cybersecurity landscape likely will depend not only on the ability of federal workforces to protect their agencies but also on their capacity to continuously develop and sharpen those skills.

A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.

Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.

A 2024. 46. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.11.08. és 2024.11.14. között kezelt incidensek statisztikai adatait is tartalmazza.

The second day of Semperis’ HIP conference featured frank advice about recovering from a ransomware attack, the nature of business resilience and the importance of identity security.

The proposed rules codify existing temporary directives requiring pipeline and railroad operators to report cyber incidents and create cyber risk management plans.