Security Bulletin

Flaw in Cisco IOS XE exposes credentials in plain text.

An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware.

In October 2024, Splunk was pleased to provide strategic grants to three nonprofits that are working to advance solutions for a sustainable planet: OpenAQ, Radiant Earth, and WattTime. While each has a distinctive history and approach, they share a...

Download eSentire's 10 questions to ask vendors about AI when choosing an MDR provider.

The country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential civil penalties.

The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.

All KEV entries should include not only platform-specific relevance indicators and CVE origin details but also attack chain and attack path context, said the OX team.

Detailed in the roadmap are the preparation, baseline understanding, planning and execution, and monitoring and evaluation stages of the process, according to the PQCC.

With the U.S. facing increasing cyber threats from China, it is crucial that the CSRB be immediately reinstated by DHS and CISA, said the lawmakers in a letter to Department of Homeland Security Secretary Kristi Noem.

Internet service restoration efforts are already being conducted alongside Roskomnadzor, the country's communications regulator, noted ASVT, which has named Ukraine's IT Army hacktivist operation as the perpetrator of the intrusion.

Attackers who infiltrated Wiles' phone were able to impersonate the official in text messages and calls to senators, governors, and business executives across the country, according to a report from The Wall Street Journal, which cited statements...

Information exfiltrated during the Thanksgiving intrusion had been leveraged by attackers to facilitate threatening extortion techniques against cancer patients, according to the class action.