Security Bulletin

CSF 2.0 features a larger scope, new “Govern” pillar and catalog of resources to aid implementation.

In the notice letter sent out to affected individuals, U-Haul notes that credit card information was not accessed in the breach.

CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks.

Apple's PQ3 for securing iMessage and Signal's PQXH show how organizations are preparing for a future in which encryption protocols must be exponentially harder to crack.

Cisco Learning & Certifications provides continuous upskilling opportunities as organizations look to AI’s transformative capabilities for a more productive and growth-enabled future. Get started on new learning opportunities today.

A new infostealer spreading to organizations across Mexico heralds 2024's fresh season of tax-themed phishing attacks.

Initial reports that the malware strain involved a LockBit affiliate, but recent data suggests an ALPHV/BlackCat link.

Developer-driven security programs place the development team at the center of reducing vulnerabilities.

The Russian hacking group switched to attacking cloud-hosted networks to gain initial access.

Last week, the US Department of Justice published a press release entitled "Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation&#x27s Main Intelligence Directorate of the General Staff (GRU)" [1]...

Trusted brands like The Economist are also among the 8,000 entities compromised by Operation SubdoMailing, which is at the heart of a larger operation of a single threat actor.