Security Bulletin

Utah-based consumer electronics accessories manufacturer ZAGG had its customers' credit card details compromised following a breach of the third-party FreshClicks app available through software-as-a-service e-commerce platform provider BigCommerce...

Cariad, the automotive software firm of Volkswagen Group, had data from nearly 800,000 Volkswagen, Audi, Skoda, and Seat electric vehicles inadvertently leaked by a misconfigured Amazon cloud storage, according to BleepingComputer.

Attacks with the new VBCloud malware have been deployed by Russian state-backed threat operation Cloud Atlas, also known as Clean Ursa, Oxygen, Inception, and Red October, to facilitate data theft against dozens of users, most of whom are in Russia...

The U.S. Department of Justice has finalized a rule banning the sales of Americans' biometric, geolocation, health, genomic, and financial data, as well as U.S. government data to adversarial nations, including China, Russia, Iran, North Korea...

Cyber insurance should augment your cybersecurity strategy — not replace it.

Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types of vulnerabilities are frequent...

With the end of the year quickly approaching, it is undoubtedly a good time to take a look at what has changed during the past 12 months. One security-related area, which deserves special attention in this context, is related to the use of different...

Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases.

DoS flaw actively exploited in production. Security pros warn teams to patch right away.

Security Weekly News' Adrian Sanabria discusses a collaborative approach to disrupting cybercrime with Fortinet's Derek Manky, chief security strategist and global VP of threat intelligence.