Latest News

Evidence suggests that the Cl0p ransomware group has known about and conducted tests with the recently patched MOVEit zero-day since mid-2021.

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Google Cloud is offering up to $1 million in financial protection to cover expenses associated with undetected cryptomining attacks.

As it pushes to renew a cornerstone law that authorizes major surveillance programs, the Biden administration faces an American public that’s broadly skeptical of common intelligence practices and of the need to sacrifice civil liberties for security.

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a platform. 

Japanese pharmaceutical company Eisai says it has taken systems offline after falling victim to a ransomware attack.

Vulnerabilities found by a researcher in a Honda ecommerce platform used for equipment sales exposed customer and dealer information.

Researchers believe North Korea-linked Lazarus Group has stolen at least $35 million in cryptocurrency from Atomic Wallet.

Cisco releases fixes for a critical-severity vulnerability in Expressway series and TelePresence Video Communication Server (VCS).

Barracuda Networks is telling customers to immediately replace hacked ESG email security appliances regardless of the patches they installed.

Google’s June 2023 security update for Android patches more than 50 vulnerabilities, including an Arm Mali GPU flaw exploited by spyware vendors.

The Cl0p cyber-extortion gang’s hack of the MOVEit file-transfer program popular with enterprises could have widespread global impact.

Sysdig is launching what it claims to be the first CNAPP with end-to-end detection and response, consolidating CNAPP and CDR.

Staying the course and sticking to strategic goals allows security professionals to steadily and continually improve the security posture of their organization.

VMware ships urgent patches to cover security defects that expose businesses to remote code execution attacks.