Security Bulletin

In a bid to accelerate zero trust adoption across federal agencies, the Cybersecurity and Infrastructure Security Agency is poised to unveil the new Zero Trust Initiative Office, FedScoop reports.

Patches have been issued by ESET for a high-severity flaw impacting its antivirus, server, and endpoint offerings for Windows, as well as its security products for Exchange Server, Azure, SharePoint Server, and IBM Domino, which could be leveraged to...

New variants of the QBot malware, also known as Qakbot, have emerged since mid-December despite having been disrupted in August, suggesting continuous testing by the malware developer, BleepingComputer reports.

Windows systems have been subjected to attacks involving a new group of malware droppers collectively called TicTacToe that enabled the distribution of various final-stage payloads, including AgentTesla, Remcos, LokiBot, and SnakeLogger, during the...

Novel backdoor leveraged in Turla attacks Attacks with the novel TinyTurla-NG backdoor have been deployed by Russian state-backed threat operation Turla, also known as Secret Blizzard, Pensive Ursa, Iron Hunter, and Venomous Bear, against several non...

Trellix researchers say the RansomHouse group is mostly targeting corporate networks in the U.S. with multiple hypervisors.

The European Union is mandating industrial organizations to implement stronger cybersecurity measures. Learn which ones, and why it is important to act now.

For the second time this year, U.S. authorities neutralize a botnet of SOHO routers run by nation-state threat actors.

One of the worst hacks in history demonstrated that any online service must force its users to adopt at least two-factor authentication. This must be applied everywhere ASAP as a public safety measure.

File upload features added recently to generative AI platforms represent a new and bigger data pipe for sensitive information to wander outside corporate networks.

US reportedly launched a cyberattack against an Iranian military ship suspected of helping Houthi rebel pirates menacing shipping traffic in the Red Sea.

Agniane Stealer is a malware that targets credentials and documents, actively sold on Telegram, with ConfuserEX obfuscations, presents novel C2 protocol.