Security Bulletin

Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.

Security pros say U.S. companies should stay vigilant as RansomHub remains active worldwide.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

This year’s theme is Forward as One and it fits perfectly with our current landscape. It underscores the necessity of moving forward together—Cisco and our partners—as a unified force. To evolve and succeed in this ever-changing market, we must be...

While the 2024 election may see various cyber threats, existing security measures and coordination across all levels of government aim to minimize their impact.

SecurityWeek reports that Apple has sought the dismissal of a lawsuit it filed against Israeli spyware maker NSO Group three years ago amid recent developments that could threaten the exposure of threat intelligence and other sensitive data required...

Restoration of the servers has allowed the resumption of business with third-party suppliers and dealers, according to the major Japanese motor vehicle manufacturer's European arm, which confirmed the temporary isolation of all its servers but did...

Attackers were able to compromise 23andMe over five months beginning April 2023, enabling access to 5.5 million DNA Relatives profiles and details from 1.4 million users of the Family Tree feature, said the company in a disclosure in October.

Attackers may have obtained certain Port data in mid-to-late August before proceeding with encrypting such information, resulting in the outages of its baggage, ticketing, Wi-Fi, and reserved parking services, as well as check-in kiosks, passenger...

More than 30 organizations have already been compromised by 3AM, with its two most recent victims claimed in April and May having only 10% of their stolen data exposed so far by the ransomware gang.

Numerous social engineering tactics have been leveraged by threat actors to deploy Ajina.Banker, including fake banking, government, and utility apps, as well as malicious links purporting to be for promotions or offers spread via Telegram, a report...

The vulnerability, which impacts Ivanti CSA 4.6 that has recently reached end-of-life, could be leveraged to enable remote code execution, according to Ivanti, which urged immediate upgrades to Ivanti CSA 5.0.