Latest News

Facing intense pressure after Chinese APT hack, Microsoft plans to expand logging defaults for lower-tier M365 customers.

Norwegian recycling giant Tomra says internal systems have been taken offline to contain an extensive cyberattack.

Attackers are exploiting two path traversal vulnerabilities in the Stagil navigation for Jira – Menus & Themes plugin.

Over a dozen vulnerabilities patched by GE in its Cimplicity HMI/SCADA product are reminiscent of ICS attacks conducted by the Russian Sandworm group.

Security awareness training isn’t working to the level it needs to. Social engineering, however, is getting better. Why doesn’t awareness training work, and how can we improve it?

Oracle has released 508 new security patches as part of the July 2023 CPU, including more than 70 that address critical vulnerabilities

Citrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks.

Chrome 115 released with patches for 20 vulnerabilities, including 11 reported by external researchers, who earned thousands of dollars in bug bounties.

The two foreign companies are being sanctioned for “for trafficking in cyber exploits used to gain access to information systems.” 

The NSA and CISA have published guidance on hardening 5G standalone network slices against potential threats.

Olalekan Jacob Ponle, a Nigerian national living in the UAE, was sentenced to 8 years in a US prison for his role in an $8 million BEC scheme.

A threat actor’s real identity was uncovered after they infected their own computer with an information stealer.

Attackers have started exploiting CVE-2023-28121, a recent critical vulnerability in the WooCommerce Payments WordPress plugin.

New US cyber program will label smart devices that are considered safer and less vulnerable to attacks.

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of UK telco TalkTalk.