Security Bulletin

Attackers were able to exfiltrate individuals' names, Social Security numbers, and other personal details as a result of the incident but there has been no evidence suggesting the misuse of impacted data, said UMG in a filing with the Office of the...

After shutting down its systems on September 20, MoneyGram issued an email update five days later stating that it has since restored most of its operations with the assistance of CrowdStrike and other third-party cybersecurity experts, as well as U.S...

CISOs must function as business leaders with tech skills, focus more on financial calculations, and have the ability to handle crisis communications.

The popular LiteSpeed Cache plug-in is vulnerable to unauthenticated privilege escalation via a dangerous XSS flaw.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Phishing attacks are become more prevalent as threat actors are arming themselves with potent new tools.

The collaboration with industry partners will improve collective AI defenses. Trusted contributors receive protected and anonymized data on real-world AI incidents.

The “BabyLockerKZ” variant has been in use by an unnamed threat actor since late 2023.

Creaky old identity-management systems can't keep up with today's cloud-based, remote, zero-trust workplaces. Here's how a modern IAM system prepares your organization for the future.

CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features.

A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.

The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election — one of the APT's prime targets.