Veriti Research reported a developing cyber threat campaign centred around the declassification and release of the RFK, MLK…

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities in ClearML and four vulnerabilities in Nvidia. The vulnerabilities mentioned in this blog post have been...

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a...

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks...

The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to...

In the highly competitive healthcare industry, urgent care providers face unique challenges as they expand their operations to meet growing demand. One leading urgent care network with clinics...

Operational technology (OT) environments are the backbone of critical industries – electric, oil and gas, and manufacturing, and are increasingly... The post How to Navigate Network Security in a...

Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts

The government of Prime Minister Anthony Albanese has imposed additional cyber sanctions in response to a major 2022 cyberattack that hit Medibank Private. The breach, which compromised millions...

Police disrupt Phobos, 8Base and LockBit, Sarcoma ransomware targets PCB giant, and China-linked APTs use espionage tools in ransomware attacks.

It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees...

Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code. [...]

Cybercriminals often ramp up their schemes and attacks on holidays like Valentine’s Day. Read up on what key scams to avoid this season.

A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]

The organization becomes the AI Security Institute as the UK shifts its focus to tackling AI risks to national security

One of the challenges with investigating cybercrime is the infrastructure the adversaries leverage to conduct attacks. Cybercriminal infrastructure has evolved drastically over the last 25 years,...

Learn how Wiz for ASPM extends security to developer infrastructure by continuously enforcing secure defaults and detecting threats across the software supply chain.

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a...

Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack

​Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]

Check out best practices for preventing buffer overflow attacks. Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. Meanwhile, an informal Tenable poll looks at...

China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...]

​Microsoft has fixed a known issue causing "boot device inaccessible" errors during startup on some Windows Server 2025 systems using iSCSI. [...]

The Trump administration made it clear that innovation and competition with China would be bigger priorities. The post In Paris, U.S. signals shift from AI safety to deregulation appeared first on...

KEY TAKEAWAYS Volexity has observed multiple Russian Threat Actors conducting social-engineering and spear-phishing campaigns targeting organizations with the ultimate goal of compromising...

Microsoft has published its first research on a subgroup within the Russian state actor Seashell Blizzard, detailing a... The post Microsoft details Seashell Blizzard BadPilot campaign targeting...

Russian GRU-linked hackers exploit known software flaws to breach critical networks worldwide, targeting the United States and the…

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit...

In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was...

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed...