Security Bulletin

After infiltrating The Real World through the exploitation of a platform vulnerability, attackers proceeded to post pro-feminist and LGBTQ+ emojis, remove attachments, and issue provisional bans for users of the platform, which was previously called...

Threat actors who compromised Bojangles' corporate network between February and March were able to exfiltrate "certain files" containing names and other personal details, according to Bojangles.

International Game Technology, a London-based multinational gambling and lottery company with more than 11,000 employees around the world, had some of its internal IT systems and apps disrupted following a cyberattack on Nov. 17.

Five critical steps to transition from outdated, static methodologies to cutting-edge autonomous pentests.

After unsuccessfully exploiting the targeted organization's Wi-Fi credentials obtained via password spraying attacks due to multi-factor authentication, APT28 resorted to breaching other entities in close proximity before discovering a device within...

TAG-110 leveraged vulnerable internet-exposed web apps and phishing emails to facilitate the delivery of the HATVIBE app loader that triggers that data exfiltrating CHERRYSPY backdoor.

Deployment of credential and cryptocurrency stealing malware has been conducted by Sapphire Sleet not only through the impersonation of venture capitalists luring targets to join an online meeting about a supposed investment but also via fraudulent...

Such an intrusion, which was noted to have involved attackers being deeply ingrained into certain telco networks, was regarded by Senate Intelligence Committee Chair Mark Warner, D-Va., to be the "worst telecom hack" in the U.S.

Learn how financial institutions can address ransomware and software and patch requirements to address public vulnerabilities.

Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security.

Few months ago, I noticed that something strange was happening with the number of servers seen by Shodan in Russia...

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-28461 Array Networks AG and vxAG ArrayOS Improper Authentication Vulnerability These types of vulnerabilities are...