Security Bulletin

Attackers may have obtained certain Port data in mid-to-late August before proceeding with encrypting such information, resulting in the outages of its baggage, ticketing, Wi-Fi, and reserved parking services, as well as check-in kiosks, passenger...

More than 30 organizations have already been compromised by 3AM, with its two most recent victims claimed in April and May having only 10% of their stolen data exposed so far by the ransomware gang.

Numerous social engineering tactics have been leveraged by threat actors to deploy Ajina.Banker, including fake banking, government, and utility apps, as well as malicious links purporting to be for promotions or offers spread via Telegram, a report...

The vulnerability, which impacts Ivanti CSA 4.6 that has recently reached end-of-life, could be leveraged to enable remote code execution, according to Ivanti, which urged immediate upgrades to Ivanti CSA 5.0.

Attacks involved the utilization of a fraudulent Google Chrome app, which when installed triggers a prompt for updating Google Play Services and eventually downloads TrickMo as "Google Services" before seeking the approval of accessibility...

Attacks as part of the campaign, which commenced in late August, involved the Amadey malware spreading a credential-flushing AutoIT script, which would launch a URL for replacing Google account passwords in kiosk mode and establish parameters that...

Aside from noting that a potential compromise of publicly available voter registration details would not affect the process or results of the upcoming election, both the FBI and CISA emphasized that there has been no indication of any intrusion that...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43461 Microsoft Windows MSHTML Platform Spoofing Vulnerability CVE-2024-6670 Progress WhatsUp Gold SQL Injection...

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan. Developed in collaboration with FCEB agencies, this plan provides standard...

Here are three tips for safeguarding confidential computing in AI environments.

There is a common technique used by attackers: They append some data at the end of files (this is called an overlay). This can be used for two main reasons: To hide the appended data from the operating system (steganography). By example, you can...