Latest News

Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog.

Google has released the first quantum-resilient FIDO2 security key implementation as part of its OpenSK project.

Ivanti has patched critical- and high-severity vulnerabilities with the latest release of Avalanche, its enterprise mobile device management solution.

Cleaning products manufacturer and marketer Clorox Company has taken certain systems offline after falling victim to a cyberattack.

GitHub says it paid out more than $1.5 million in bug bounties for 364 vulnerabilities in 2022, reaching a total of nearly $4 million since 2016.

Google has released Chrome 116 with patches for 26 vulnerabilities and plans to ship weekly security updates for the popular web browser.

A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers.

The personal information of 1.5 million individuals was compromised in a ransomware attack at Alberta Dental Service Corporation (ADSC).

Threat detection and response firm SecureWorks is laying off 15% of its staff (roughly 300 people) in the second round of firings this year.

Colorado’s health programs administrator says the personal information of 4 million individuals was compromised in the recent MOVEit hack.

Working remotely is here to stay and businesses should continue to make sure their basic forms of communication are properly configured and secured.

The US government's CSRB will conduct a review of cloud security to provide recommendations on improving identity management and authentication.

Vulnerabilities in CyberPower and Dataprobe power management products could be exploited in data center attacks, including to cause damage and for spying.