Security Bulletin

Misconfigurations leaked the full names, emails, personal and work phone numbers, and financial application usernames belonging to clients of Dominican Republic's Asociacion La Nacional de Ahorros y Prestamos, Mexico's Caja Mitras and Caja Buenos...

Aside from ensuring OT system and process awareness, organizations should also strengthen cyber incident investigation and response efforts, bolster OT data protections, separate OT networks from IT networks, and include their vendors and managed...

Attacks by CeranaKeeper involved the deployment of the Mustang Panda-linked TONESHELL backdoor, a credential dumping tool, and a legitimate Avast driver before proceeding with the delivery of the WavyExfiller Python uploader for data gathering, the...

Attackers purporting to be Royal Mail distributed malicious emails about a failed package delivery with a PDF attachment that included a link redirecting to a Dropbox-hosted ZIP file, which then facilitated the execution of Prince ransomware.

Such websites, which are operated under "AI Nude" and are advanced by black hat SEO techniques, promise the conversion of uploaded photos into deepfake nudes but display a link, which when clicked redirected to another site with the password and link...

Both iOS and Android devices have been targeted with attacks involving the fake app dubbed "SB-INT," which lured victims into manually trusting the Enterprise developer profile before triggering the registration process that would seek additional...

Such record-breaking intrusion has been thwarted alongside more than 100 other hyper-volumetric L3/4 DDoS attacks of similar intensity that have been launched against organizations in the telecommunications, financial services, and internet...

Businesses that successfully manage the complexities of multicloud management will be best positioned to thrive in an increasingly digital and interconnected world.

Nearly 34% of over 198,000 internet-exposed devices affected by the CUPS flaws, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could be leveraged for DDoS attacks, which involve the delivery of a packet designating a...

Such active intrusions have prompted the flaw's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate unpatched instances by Oct. 23.

NIST standardized three algorithms for post-quantum cryptography. What does that mean for the information and communications technology (ICT) industry?

See how Cisco's efforts in EMEA are making changes for some people directly affected by the war in Ukraine. Learn more about The Opportunity Platform today!