Security Bulletin

Impact from a "serious cyberattack" has been confirmed by Russian cybersecurity firm Avapost following claims of compromise by pro-Ukrainian hacking operation Cyber Anarchy Squad, reports The Record, a news site by cybersecurity firm Recorded Future.

The incident serves as a stark reminder of the fragility of our digital infrastructure. By adopting a diversified, resilient approach to cybersecurity, we can mitigate the risks and build a more secure digital future.

Threat actors have leveraged the new Gh0stGambit dropper to distribute the Gh0st RAT malware in drive-by download attacks against Chinese Windows users, The Hacker News reports.

Hackread reports that CrowdStrike had a 103,000-line indicator of compromise list exposed by widely known threat actor USDoD on Breach Forums following the hacker's claims of exfiltrating the U.S. cybersecurity firm's complete threat actor list last...

Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.

BleepingComputer reports that five Android apps cumulatively downloaded more than 32,000 times from the Google Play Store have been leveraged to facilitate the distribution of a stealthier iteration of the Mandrake Android spyware since 2022.

Millions of phishing emails impersonating IBM, Nike, Coca-Cola, and other major organizations have been deployed through the abuse of a Proofpoint email routing vulnerability as part of the EchoSpoofing attack campaign that began in January, reports...

Cisco's survey of more than 1000 professionals reveals how cybersecurity, IT/OT collaboration, and AI are transforming industrial networks.

Communications Specialist Intern Richie B. wasn't sure what to expect from a Cisco internship. See how he found a culture where he could succeed as his true self.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-37085 VMware ESXi Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors...

Apple released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...