Security Bulletin

Organizations have been urged to prioritize the type of events logged and ensure the presence of accurate timestamps, device identifiers, executed commands, autonomous system numbers, and unique event identifiers to better aid in incident response...

"Transparency is one of the most powerful tools we have to counteract foreign malign influence operations intended to undermine our elections and democratic institutions," said the FBI.

With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security teams to track and address them before impact.

Consolidating Bird Eats Bug's bug reporting solution into BrowserStack's ecosystem seeks to address ongoing issues in the flaw reporting process, as well as improve the testing experiences of developer and quality assurance teams.

Malvertising campaigns promoting risky software have allegedly been launched by Kadariya, also known as Eseb, baxus, and Stalin, to facilitate widespread device compromise with the Angler Exploit Kit and other malicious payloads between Oct. 2013 and...

Such a flaw, tracked as CVE-2024-6386, stems from improper shortcode management and lacking input validation and sanitization within the WPML plugin.

Attacks involved the malicious 'ss-otr' plugin installer, which had a signature from Polish firm Interrex and enabled retrieval of an Interrex certificate-signed DarkGate payload or PowerShell scripts from a controlled server.

Intrusions commence lures to install HZ RAT for macOS as an OpenVPN Connect-spoofing installer, which when executed triggers shell command execution, file writing to disk, file delivery to the command-and-control server, and device availability...

Information leaked by the Amazon S3 instance included Paperless Online Voter Applications, National Change of Address applications, and vote by mail ballot applications.

Operations of Razr ransomware commence with unique machine ID, encryption key, and Initialization Vector generation, which are later delivered in unencrypted JSON format to a command-and-control server.

Attackers with unauthorized VPN access were able to infiltrate Park'N Fly's network between July 11 and July 13, enabling the theft of individuals' names, mailing and email addresses, and Canadian Automobile Association and Aeroplan numbers.

Attacks commenced with the delivery of emails redirecting to sway[.]cloud[.]microsoft domain-hosted phishing pages that lured targets into scanning QR codes with their less secure mobile devices, which would facilitate further malicious activity.