Security Bulletin

The Clop ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug.

GitHub has updated its Advanced Security platform available for Enterprise Cloud and Enterprise Server customers to provide new artificial intelligence-powered features in a bid to "revolutionize" secure app development, reports SecurityWeek.

Improved defenses and resilience against cybersecurity and physical security threats, as well as natural disasters, among U.S. critical infrastructure entities have been sought by the new Shields Ready campaign launched by the Department of Homeland...

Major U.S. private radiology firm US Radiology has been imposed a $450,000 penalty by New York Attorney General Letitia James following its failure to remediate a SonicWall vulnerability that led to a ransomware attack in 2021, which compromised...

BleepingComputer reports that Russian majority state-owned financial services firm Sberbank has been disrupted by a distributed denial-of-service attack that peaked at one million requests per second.

U.S. cloud data analytics and log analysis firm Sumo Logic has confirmed discovering a potential security incident after its Amazon Web Services account was accessed using stolen credentials, reports TechCrunch.

Malicious Python packages spread BlazeStealer malware Eight new Python packages masquerading as obfuscation tools have been used to facilitate the distribution of the BlazeStealer malware since January, The Hacker News reports.

Hackread reports that Microsoft Azure's Automation Service has been leveraged to create the first cryptocurrency miner that could not be detected by security systems.

At least 24 Cambodian government organizations have been compromised by two high-profile Chinese state-sponsored advanced persistent threat groups as part of a cyberespionage operation, reports The Record, a news site by cybersecurity firm Recorded...

The US Treasury states that it is in contact with financial regulators as it monitors the breach.

Analysis of six major cloud incidents shows how some common mistakes can lead to serious consequences.

Industrial cybersecurity needs granular security policies. This requires visibility into what assets are connected. Learn how Cisco and Rockwell are enabling OT visibility into CPwE with Cyber Vision.