In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium)....
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat...
In the interconnected world of modern software development, Application Programming Interfaces (APIs) play a pivotal role in enabling systems to communicate and...
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of...
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could...
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal...
In 2023, the cloud isn’t just a technology—it’s a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the...
Kubernetes has become the de facto orchestration platform for managing containerized applications, but with its widespread adoption, the security of Kubernetes clusters...
MITRE and the US Cybersecurity and Infrastructure Security Agency (CISA) have collaborated to develop a new open source tool that simulates cyber-attacks...
The Federal Communications Commission (FCC) in the United States has recently presented a proposal for a smart device security standard that has...
Microsoft reported a previously unknown vulnerability known as a zero-day flaw that was present in many versions of Windows and Office and...
This cybersecurity information sheet (CSI) is being released by the National Security Agency (NSA) in collaboration with the Cybersecurity and Infrastructure Security...
AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows both include a high-severity vulnerability, and proof-of-concept attack...
Google on Wednesday announced the 0.1 Beta version of GUAC (short for Graph for Understanding Artifact Composition) for organizations to secure their...
Rules_oci, an open-sourced Bazel plugin (“ruleset”) that makes it easier and more secure to create container images using Bazel, has been made...
The Money Message extortion group attacked MSI in March, claiming to have taken 1.5TB of data. Firmware, source code, and databases were...
The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could...
The cybersecurity analysts at ESET recently reported that BlackLotus, a sneaky bootkit for UEFI (Unified Extensible Firmware Interface), has gained notoriety as...
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot...
GoDaddy, a company that provides web hosting services, has now announced a security breach in which the company’s computers were breached and...
By offering industry-driven, adaptable, and efficient data security standards and programs that assist businesses in identifying, mitigating, and preventing cyberattacks and breaches,...