Security Bulletin

The Nigerian national, who was living in the US, also must pay over $1 million in restitution.

Are Ukrainian cyberattacks against Iranian targets a blip or the beginning of a new trend?

Organizations hit by the Royal and Akira ransomware gangs have been approached by fake researchers claiming they can access and delete stolen files.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent...

Ivanti has released a security update to address an authentication bypass vulnerability (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) in all supported versions (9.x and 22.x) of Connect Secure and Policy Secure gateways. A...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21887 Ivanti Connect Secure and Policy Secure Command Injection Vulnerability CVE-2023-46805 Ivanti Connect...

Here are four ways to get going implementing zero-trust.

Reports say M9 Telecom servers were destroyed in retaliation for Russia-backed cyberattack against Kyivstar mobile phone operator.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Microsoft today surprised with a light patch Tuesday. We only received 48 patches for Microsoft products and four for Chromium, affecting Microsoft Edge. Only two of the 48 patches are rated critical; none had been disclosed or exploited before today...

A second, easy-to-exploit critical security vulnerability in Microsoft's first 2024 Patch Tuesday allows RCE within Hyper-Virtualization.

Cyberattackers are checking into the accounts of Booking.com's hotel partners, hoping to steal their visitor data.