Security Bulletin

Four House lawmakers have introduced bipartisan legislation that would require the National Institute of Standards and Technology and the Election Assistance Commission to jointly develop a report that would provide voluntary guidelines for election...

A new Absolute Security report found that many organizations are failing to ensure that the endpoint protection platforms and network access security applications on their managed PCs are running in compliance with basic security policies, reports...

The MITRE Corporation has launched EMB3D, a new threat-modeling framework designed for embedded devices in critical infrastructure environments, reports The Hacker News.

British Columbia, the westernmost province of Canada, has experienced "sophisticated cybersecurity incidents" that are thought to be the result of state-sponsored hackers targeting government networks, reports The Record, a news site by cybersecurity...

Security Affairs reports that the city of Helsinki, Finland has experienced a data breach affecting more than 80,000 people and the Police of Finland have begun investigating the matter after the breach was reported by the city.

IntelBroker, a well-known black hat hacker, is being investigated by Europol after he offered classified data purportedly stolen from the agency's system for sale, SecurityWeek reports.

The Record, a news site by cybersecurity firm Recorded Future, reports that the Federal Communications Commission announced that an entity known as Royal Tiger has been designated as the first group tagged through its new threat analysis and...

A cybercriminal who has assumed the name "salfetka" is purportedly selling the source code for the INC Ransom ransomware-as-a-service operation, BleepingComputer reports.

When Strategy and Planning Manager Wendy S. joined Cisco full-time, she knew she had access to incredible benefits she now leans on for support and well-being.

CISA, in partnership with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Software House C●CURE 9000 Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of...

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are...