Security Bulletin

CISA posted a set of guidelines aimed at helping companies better secure the commonly used devices.

Researchers measured a threefold increase in credential stealing between 2023 and 2024, with more than 11.3 million such thefts last year.

Targets are lured into a fake interview process that convinces them to download malware needed for a virtual interview.

New malware strain a continuation of the North Korean Contagious Interview job lure campaign first described last December.

Ransomware actors are offering individuals millions to turn on their employers and divulge private company information, in a brand-new cybercrime tactic.

Funnull CDN rents IPs from legitimate cloud service providers and uses them to host criminal websites, continuously cycling cloud resources in and out of use and acquiring new ones to stay ahead of cyber-defender detection.

Riot provides a cybersecurity training platform that simulates phishing attacks, detects data leaks, and educates employees through a chatbot named Albert.

Leading the additional protections is the default deactivation of public access to new clusters, which would only be accessible within users' Virtual Private Clouds.

Investigation into the incident completed in October revealed that only "limited" personal information had been compromised from affected individuals, who were informed and given complimentary identity protection services in December.

AEA confirmed being subjected to a cybersecurity incident that resulted in the exposure of information from 193,306 patients more than a month after the DragonForce ransomware operation took responsibility for the intrusion against the eye care...

While malicious network activity was first identified by Mizuno in early November, further investigation revealed that the Japanese sportswear company had its systems infiltrated since August, resulting in the periodic theft of individuals' names...