Security Bulletin

Widely known threat actor USDoD was discovered by VX-Underground researchers was planning to expose 2.9 billion records belonging to U.S., Canadian, and British citizens believed to have been stolen by the SXUL threat operation from Florida-based...

It's more important than ever for organizations to prepare themselves and their cybersecurity postures against known and unknown threats.

Officials from the Illinois Secretary of State's office disclosed the compromise of residents' driver's license details and Social Security numbers following a phishing attack against its employees in April, StateScoop reports.

Ransomware gang RansomHub took responsibility for attacking major U.S. internet, phone, and TV service provider Frontier Communications in April, which it claimed resulted in the exfiltration of data from over 2 million people, according to The...

Hackread reports U.S. ticket sales and distribution firm Ticketmaster has been confirmed by its parent firm Live Nation Entertainment to have been subjected to a data breach days after ShinyHunters commenced the sale of data from 560 million users...

Organizations in the manufacturing, construction, and education sectors across South Korea have been targeted by North Korean state-sponsored advanced persistent threat operation and Lazarus Group sub-cluster Andariel, also known as Silent Chollima...

Attacks with the Headlace information-stealing malware and credential-harvesting sites have been deployed by Russian state-backed threat operation APT28 — also known as Fancy Bear, Sednit, BlueDelta, Sofacy Group, STRONTIUM, and Pawn Storm — against...

This is a guest diary by John Moutos

The agency aims to burn down the backlog of vulnerabilities waiting to be added to the National Vulnerabilities Database via additional funding, third-party contract, and partnership with CISA.

CISO recounts how his wife’s dental practice was hit in the Change Healthcare attack and what the industry needs to do moving forward.