The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident...
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident...
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an...
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw...
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was...
A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz...
New York Attorney General Letitia James sued Citibank over its alleged failure to defend customers against hacks and scams and...
The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking...
The U.S. Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in...
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims'...
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The company announced...
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local...
The Akira ransomware group is targeting small to medium-sized businesses (SMBs) - 80% of its victims, since March 2023, have been SMBs....
Multiple vulnerabilities were identified in Jenkins. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution,...
The UK parliament’s upper chamber has said it is “deeply concerned” about unaccountable police use of live facial recognition (LFR)...
Ransomware incidents surged by 68% in 2023 to reach a record high, according to new data from Corvus Insurance. However,...
The FBI has claimed $55m were lost from May to December 2023 to scammers posing as representatives of the government,...
Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same, sophisticated threat actor, according to incident...
Energy firm Schneider Electric has revealed it has fallen victim to a ransomware attack, leading to data from its Sustainability...
A new ransomware group called Alpha has recently emerged with the launch of its Dedicated/Data Leak Site (DLS) on the...
Security researchers have uncovered the presence of hundreds of network operators’ credentials circulating on the dark web in the aftermath of...
Jenkins has released security updates addressing multiple vulnerabilities, including a critical (CVE-2024-23897) vulnerability and a high-severity (CVE-2024-23898) vulnerability in their...
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware....