Security Bulletin

A campaign that's been active since April has already racked up nearly 75,000 downloads, stealing data and cryptocurrency in the process.

The vulnerabilities exist in the widely used TorchServe framework, used by Amazon, Google, Walmart, and many other heavy hitters.

A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August.

This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q3 2023. It was last updated on November 8, 2023.

In addition to new capabilities that were recently launched in the Cisco Full-Stack Observability portfolio, Cisco has created bundles that solve multiple use cases and offer implementation services to help you accelerate your journey to full stack...

Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open.

Cloud is the new data center, internet is the new network, and home is the new office. As infrastructure and working environments change, so must visibility into hops across the digital supply chain to ensure secure and exceptional experiences for...

With these five steps, organizations can develop stronger security practices and make the inevitable breaches inconsequential.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFS65x, AFF66x, AFS67x, AFR67x Series Vulnerabilities: Incorrect Calculation, Integer Overflow or Wraparound, Improper...

CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x...

Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Qognify Equipment: NiceVision Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability...