Security Bulletin

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-44207 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability These types of vulnerabilities are...

My last investigation is a file called “Albertsons_payment.GZ”, received via email. The file looks like an archive but is identified as a picture by TrID:

Threat actors associated with the notorious North Korean hacking outfit Lazarus Group are now setting their sites on targets in the nuclear power sector

This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability.

Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit's RaaS activities, dating back to the ransomware gang's origins.

While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing.

DocuSign campaign one of many mobile phishing campaigns that aim to steal corporate credentials from top executives.

Traditionally, transporting data between geographically distributed data centers required leasing high-capacity circuits from service providers or investing in dedicated optical transport networks.… Read more on Cisco Blogs

Combating nation-state threat actors at the enterprise level requires more than just cyber readiness and investment — it calls for a collaborative effort.

Cisco has disclosed plans to purchase Virginia-based threat detection and defense firm SnapAttack as part of its efforts to bolster threat-informed defenses across enterprises..