Eduard Kovacs

A new free tool named OpalOPC helps industrial organizations find OPC UA misconfigurations and vulnerabilities.

Thirty-one cybersecurity-related merger and acquisition (M&A) deals were announced in October 2023.

Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group. 

Microsoft says four Exchange ‘zero-days’ disclosed by ZDI have either already been patched or they don’t require immediate attention.

The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10.

Industry commentary on the SEC lawsuit against SolarWinds and its CISO over cybersecurity and risk handling practices before the massive hack that came to...

Former SpaceX cybersecurity engineers launch Wraithwatch, an AI-based security firm that received $8 million in seed funding. 

A recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 is being exploited to deliver ransomware.

Boeing has confirmed that parts of its distribution business were hit by a cyberattack after a ransomware group claimed to have breached the company’s...

The recent shutdown of the Mozi botnet is believed to have been carried out by its creators, possibly forced by Chinese authorities. 

VMware’s Threat Analysis Unit finds 34 new vulnerable kernel drivers that can be exploited to alter or erase firmware and escalate privileges.

MITRE announces the release of ATT&CK v14, which brings enhancements related to detections, ICS, and mobile.

AI cybersecurity firm Cranium has raised $25 million in Series A funding, which brings the total investment in the company to $32 million.

New iLeakage side-channel speculative execution attack exploits Safari to steal sensitive information from Macs and iPhones.

Japanese watchmaking giant Seiko has confirmed that personal information was stolen in a recent ransomware attack.

A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each...

Rockwell Automation has warned customers about the impact of the actively exploited Cisco IOS XE zero-day on its Stratix industrial switches.

The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant.

Rockwell Automation agreed to acquire ICS/OT cybersecurity firm Verve Industrial Protection to expand its offerings.

Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping.