Eduard Kovacs

Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks.

Several industry professionals comment on the SEC’s new cybersecurity incident disclosure rules and their implications.

Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.

The TSA has released updated cybersecurity requirements for pipeline owners and operators, instructing them to test assessment and incident response plans.

An Axis network door controller vulnerability can be exploited to target facilities, exposing them to both physical and cyber threats.

The SEC has adopted new rules requiring public companies to disclose cybersecurity breaches that have a material impact within four days.

The NHL Stenden University of Applied Sciences in the Netherlands has launched MCAD, the Maritime Cyber Attack Database.

French aerospace, defense, and security giant Thales is acquiring cybersecurity firm Imperva from Thoma Bravo in a $3.6 billion deal.

AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information.

An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government.

Experts believe the Cl0p ransomware gang could earn as much as $100 million from the MOVEit hack, with the number of confirmed victims approaching...

Cybersecurity firm Perimeter81 appears to have botched the responsible disclosure process for a privilege escalation vulnerability found in its macOS application.

The China-linked cyberspy group APT31 is believed to be behind a data-theft campaign targeting industrial organizations in Eastern Europe.

Google has created a dedicated AI Red Team tasked with carrying out complex technical attacks on artificial intelligence systems.

VirusTotal has provided clarifications on the recent data leak that resulted in the exposure of information on 5,600 of the threat analysis service’s customers.

CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.

Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause...

Estée Lauder has confirmed suffering a data breach just as two ransomware groups claimed to have targeted the company, both allegedly stealing vast amounts...

Adobe releases a second round of patches for recent ColdFusion vulnerabilities, including flaws that have been exploited in attacks.

Over a dozen vulnerabilities patched by GE in its Cimplicity HMI/SCADA product are reminiscent of ICS attacks conducted by the Russian Sandworm group.