Security Bulletin

HIPAA compliance does not equal security, as continuing attacks on healthcare organizations show. Medical devices need to be secured.

Enterprises need to create a secure structure for tracking, assessing, and monitoring their growing stable of AI business apps.

The MITRE ATT&CK Evaluation is a valuable resource that can be used to inform your decision when selecting a security vendor.

In a bid to strengthen authentication and security measures against relay attacks and unauthorized network access, Microsoft has confirmed that it will be using Kerberos in place of the NT LAN Manager in Windows 11, The Hacker News reports.

Man-in-the-middle attacks against unmanned military vehicles have been identified and averted with 99% efficacy by a new artificial intelligence algorithm, reports BleepingComputer.

No patches have been issued for 35 of 55 security vulnerabilities impacting the popular open-source caching and forwarding proxy Squid that were identified two years ago, according to SecurityWeek.

Numerous class action lawsuits have been filed against major U.S. biotechnology and genetic testing firm 23andMe following a massive data breach stemming from credential stuffing attacks that compromised information from almost 1 million Ashkenazi...

Over 800 stores of U.S. convenience store chain Kwik Trip had their services disrupted by a "network incident" during the past week, reports The Record, a news site by cybersecurity firm Recorded Future.

TechCrunch reports that French cloud gaming service Shadow may have downplayed the data breach it confirmed to have stemmed from an "advanced social engineering attack," which CEO Eric Sele said resulted in the compromise of customers' full names...

Attacks with an updated and simplified RomCom RAT variant dubbed PEAPOD have been launched by the Void Rabisu threat operation, also known as Storm-0978, UNC2596, and Tropical Scorpius, against female political leaders who participated in the Women...

BleepingComputer reports that malicious scripts for compromising WordPress sites have been concealed in the blockchain by the ClearFake threat operation using the new EtherHiding code distribution technique that leverages the Binance Smart Chain in a...

Major U.S. pipeline system Colonial Pipeline has denied having its systems or operations affected by a ransomware attack claimed by the RansomedVC operation, saying that stolen files exposed by the ransomware group were from an unrelated third-party...