Security Bulletin

BleepingComputer reports that Ukrainian organizations have been subjected to suspected Russian cyberattacks involving the newly fixed Windows NTLM Hash Disclosure spoofing flaw, tracked as CVE-2024-43451, since June.

In the future, the cybersecurity landscape likely will depend not only on the ability of federal workforces to protect their agencies but also on their capacity to continuously develop and sharpen those skills.

A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.

Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.

A 2024. 46. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.11.08. és 2024.11.14. között kezelt incidensek statisztikai adatait is tartalmazza.

The second day of Semperis’ HIP conference featured frank advice about recovering from a ransomware attack, the nature of business resilience and the importance of identity security.

The proposed rules codify existing temporary directives requiring pipeline and railroad operators to report cyber incidents and create cyber risk management plans.

Frenos offers a zero-impact, continuous security assessment platform for operational technology environments.

An exploit using a poisoned model could enable exfiltration of sensitive fine-tuned LLM adapters.

Several versions of PostgreSQL are impacted, and customers will need to upgrade in order to patch.

In addition to his prison sentence, he will have to pay more than $1 million in restitution to his victims.