Security Bulletin

Malware-free intrusions have become the leading cybersecurity threat against small- to medium-sized businesses, accounting for 56% of all cyber incidents during the third quarter, SiliconAngle reports.

Nearly all operations at California's Tri-City Medical Center have resumed after being significantly disrupted by a cyberattack earlier this month, reports The San Diego Union-Tribune.

The Register reports that an investigation by U.S. cloud data analytics and log analysis firm Sumo Logic into a potential security breach earlier this month revealed no impact on its customer data.

AutoZone added to MOVEit breach toll Major U.S. automotive parts and accessories distributor and retailer AutoZone has confirmed having data from 184,995 individuals compromised in late May as part of the widespread MOVEit file transfer system hack...

Up to $26 million worth of cryptocurrency has been exfiltrated from cryptocurrency investment and trading company Kronos Research after a cyberattack that involved the breach of certain application programming interface keys, reports The Record, a...

Threat actors have been distributing a new Agent Tesla malware variant in attacks leveraging a lure file with the ZPAQ file compression format with improved compression ratios and journaling functionality over the RAR and ZIP formats, according to...

Operators of Play ransomware were noted by Adlumin researchers to have been providing the strain as a service to other threat actors, The Hacker News reports.

IBM joins Crowdstrike and Microsoft is releasing AI models to cloud-native SIEM platforms.

IBM joins Crowdstrike and Microsoft is releasing AI models to cloud-native SIEM platforms.

A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal.

A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal.

Attacks leveraging the Citrix Bleed vulnerability, tracked as CVE-2023-4966, impacting Citrix NetScaler ADC and NetScaler Gateway appliances were noted by Cybersecurity and Infrastructure Security Agency Assistant Director for Cybersecurity Eric...