Latest News

CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list.

A Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments.

Veeam has released patches for a critical-severity remote code execution vulnerability in Backup & Replication.

Pennsylvania State Education Association says the personal information of over 500,000 individuals was stolen in a data breach.

SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.

Amazon is ending a little-used privacy feature that let some users of its Echo smart speaker prevent their voice commands from going to the company’s cloud.

Over 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play.

Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction.

Orion protects against data exfiltration by using AI to compare actual data flows against permitted and expected data flows.

Defending high profile sporting events from adversarial attacks requires a mix of experienced capabilities and a solid threat intelligence program.

Infosys McCamish System has agreed to pay $17.5 million to settle six class action lawsuits filed over a 2023 data breach.

News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem?

Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.

A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.

Microsoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft.