Security Bulletin

Intrusions involved the delivery of phishing emails with malicious RAR or ISO attachments, with the former triggering direct DBatLoader execution and the latter obscuring a Windows batch script with a PEM-encoded certificate revocation list...

Attackers leveraged agreement-spoofing phishing emails to deliver a RAR archive with a malicious DLL, which would execute DSDownloader.

CyberScoop reports that artificial intelligence, low influence operation costs, and legal challenges were noted by Senate Intelligence Chairman Mark Warner, D-Va., to worsen misinformation and disinformation campaigns targeted at the upcoming...

Influence operations are expected to exploit recent developments in the presidential campaign, including President Joe Biden's dropping of a reelection bid in favor of Vice President Kamala Harris and the attempted assassination of former President...

Cisco Defense Orchestrator is designed to simplify the management of secure firewalls. With the introduction of Cisco CDO APIs, we enable Managed Security Service Providers (MSSPs) to unlock unprecedented levels of operational efficiency.

The security vulnerabilities, CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396, could lay open proprietary and sensitive research to data thieves.

If paying a ransom is prohibited, organizations won't do it — eliminating the incentive for cybercriminals. Problem solved, it seems. Or is it?

Outages impacting Microsoft 365 and Azure were noted by Ookla's Downdetector site to have peaked at 363 and 483 on Tuesday at around 6:22 a.m. Pacific, with users in the Americas. Europe, the Middle East, and Africa, and Asia Pacific affected by the...

While 89% of industrial organization employees noted cybersecurity compliance being extremely or very important, 39% named cybersecurity as the leading challenge in industrial infrastructure operations and maintenance, mostly due to legacy system...

Integrated within KOPSA were the Children and Teens' Online Privacy Protection Act 2.0 — which sought parental approval for collecting data from children under 13, established data minimization rules, and enabled easy data deletion among youths — and...

Increased investigative powers on digital asset-related crimes would enable the Secret Service to better pursue transnational cybercrime, as well as crack down on financial fraud and unlicensed money transmitting businesses, according to the bill.

Such advice from CISA follows several reports noting that between 13,000 and 42,000 ServiceNow systems may be compromised through the flaws, most of which were noted by Resecurity to be in the U.S., the UK, India, and the European Union.