Security Bulletin

Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and...

Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of...

Discovery of malicious network activity on Mar. 14 has prompted Radiant Logistics to immediately isolate Canadian operations, activate incident response measures, and engage with third-party cybersecurity experts to remediate the incident.

Simultaneously leveraging the developer platform's Copilot and CodeQL tools, GitHub's code-scanning autofix feature, which is still in beta, has been touted to address over two-thirds of discovered code bugs.

Today’s columnist, John Kindervag of Illumio, offers five ideas for getting the most out of zero-trust. (Stock Photo, Getty Images)

Aside from providing zero-trust network access, the new solution also features cloud access security broker and secure web gateway capabilities, according to Fortra.

More than 24 security issues impacting various Atlassian products have been resolved as part of a new round of patches.

Ivanti has urged organizations to immediately remediate critical vulnerabilities impacting its Standalone Sentry appliance and Neurons for ITSM IT service management solution with available patches.

Operational technology cyberattacks have targeted 75% of industrial firms in the Americas, Europe, and the Asia-Pacific during the past 12 months, 24% of which resulted in OT operation takedowns.

Attackers leveraged the hijacked email account to send phishing emails using a €50 voucher for ticket purchases as a lure that redirected to a spoofed Spa GP website that sought targets' banking details and other personal information.

Information stealing malware-as-a-service threat BunnyLoader has been updated with new data theft modules, more advanced keylogging features, smaller payloads, and increased stealth.