Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted.
Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS operating system, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities...
Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...
PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry "high...
The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies.
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails,...
Microsoft has quietly started notifying some Azure customers that a serious security vulnerability in the Azure App Service has caused the exposure of hundreds...
French video game company Ubisoft this week confirmed that 'Just Dance' user data was compromised in a recent cybersecurity incident.The data breach was the...
The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching...
A pair of German security researchers have publicly documented the discovery of a drive-by code execution vulnerability in Windows 10 and criticized Microsoft for...
The U.S. government’s cybersecurity agency has updated its catalog of “known exploited vulnerabilities” and set deadlines for federal agencies to apply fixes for security...
Since June 2021, a relatively new ransomware group called Sabbath has been targeting critical infrastructure in the United States and Canada, including education, health...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have shared new...
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain...
The Federal Communications Commission leveraged nearly $200 million in fines against wireless carriers AT&T, Sprint, T-Mobile and Verizon for illegally sharing customers’ location data.