Security Bulletin

The Christmas Eve compromise of data-security firm Cyberhaven's Chrome extension spotlights the challenges in shoring up third-party software supply chains.

Investors were deceived by Do Kwon to purchase Terraform products and increase the value of Luna to $50 billion in early 2022 after he claimed to restore the dwindling value of the TerraUSD stablecoin only for the values of both coins to crash in May...

Such a rule, which is open for public comments until Mar. 4, would not only limit but also potentially prohibit the sales of Chinese-made drones, which account for most of the unmanned aerial vehicle market in the U.S.

Aside from deferring the delivery of breach notifications two months later, Visionworks also did not sufficiently defend its systems, resulting in the exfiltration of customers' names, birthdates, Social Security numbers, home and email addresses...

Power Platform's OData Web API Filter was impacted by two of the discovered security issues, the first of which stemmed from inadequate access control that enabled access to sensitive data and potential exploitation to obtain complete hashes while...

Most of the impacted services have since been restored but additional details regarding the identity of the intrusion's perpetrators have not been provided by the firm.

"This means that passwords used for mail access may be intercepted by a network sniffer. Additionally, service exposure may enable password guessing attacks against the server," said Shadowserver.

Officials revealed that the department's Office of Financial Research had also been infiltrated as part of the incident, which was noted to have stemmed from an attack against the agency's implementation of the BeyondTrust remote support software-as...

A proactive approach by business that looks to align with government can make cybersecurity more of a priority in Washington.

We entered a new year, but attack scenarios have not changed (yet). I found a Python script with an interesting behavior[ 1] and a low Virustotal score (7/61). It targets Microsoft Windows hosts because it starts by loading all libraries required to...

Tech giant will be paying out a $95 million settlement over claims it exposed user data.

Surveyed COOs reported savings of up to 7.7% of annual revenue due to GenAI use.