Security Bulletin

Other Biden administration appointees at CISA will also submit their resignations on Jan. 20, as the cyberdefense agency prepares for President-elect Trump's new DHS director.

A vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled.

Discover Cisco's exciting updates from WebexOne and Partner Summit! From AI-driven solutions to the new Cisco 360 Partner Program, explore how we're driving innovation and growth together. Watch event highlights now!

Of the numerous victims, at least three refused to pay the demanded ransom, with the rest seemingly in talks with the cybercriminal group.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

The tangle of user-built tools is formidable to manage, but it can lead to a greater understanding of real-world business needs.

The security vendor's Expedition firewall appliance's PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading tit to advise customers to update immediately or and take them off the Internet.

Companies that recognize current market opportunities — from the need to safely implement revolutionary technology like AI to the vast proliferation of cyber threats — have remarkable growth prospects.

While SVG primarily enables the crafting of images using text, lines, and shapes in code rather than pixels, such files could also be utilized to show HTML and facilitate JavaScript execution in credential-stealing phishing forms.

Malicious actors could leverage the vulnerability, which stems from improper user check error management in the two-factor REST API action, to facilitate high-privileged account breaches that could then be used for additional attacks, according to...

While WhatsApp proceeded to disable the "Eden" exploit leveraged by NSO Group, the Israeli firm proceeded to create the "Erised" vector to target the app's users until May 2020, noted a court filing from Meta, which also noted that NSO Group, and not...

Malicious emails spoofing Israel's National Cyber Directorate have been leveraged by Cotton Sandstorm to lure targeted entities into downloading a Google Chrome security update, which facilitates the delivery of WezRAT that enables file downloading...