Hi, what are you looking for?
The Biden administration on Thursday announced the U.S. is expelling 10 Russian diplomats and imposing sanctions against dozens of companies and people, holding the Kremlin accountable for interference in last year’s presidential election and the cyber hacking of federal agencies.
A researcher has made public an exploit and details for an unpatched vulnerability affecting Chrome, Edge and other web browsers that are based on the open source Chromium project. This is the second Chromium proof-of-concept (PoC) exploit released this week.
[UPDATE - US Imposes New Round of Sanctions on Russia] The Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said.
NVIDIA this week unveiled Morpheus, a cloud-native application framework designed to help cybersecurity providers analyze more data without sacrificing performance.
Ireland’s privacy regulator said Wednesday it has opened an investigation into Facebook after data on more than 500 million users was reportedly found dumped online, in a suspected violation of strict European Union privacy rules.
Japanese video game giant Capcom revealed on Tuesday that, as part of the November 2020 ransomware attack, adversaries targeted an older backup VPN device for initial access.
Despite the coronavirus pandemic, 2020 was a record year in terms of venture capital funding for cybersecurity companies, with more than $7.8 billion invested, according to a new report from business information platform Crunchbase.
On Tuesday, as part of its April 2021 Security Patch Day, SAP announced the release of 14 new security notes and 5 updates to previously released notes. The only new Hot News note released with this round of patches addresses a critical vulnerability in SAP Commerce.
Siemens released a total of 14 new advisories on Tuesday, including five describing the impact and remediations for the NAME:WRECK vulnerabilities disclosed on the same day.
FBI agents executed a court-authorized cyber operation to delete malicious web shells from hundreds of previously hacked Microsoft Exchange servers in the United States, unbeknownst to their owners, the U.S. Department of Justice (DoJ) said Tuesday.
Popular TCP/IP stacks are affected by a series of Domain Name System (DNS) vulnerabilities that could be exploited to take control of impacted devices, researchers with IoT security firm Forescout reveal.
Google’s problems with in-the-wild Chrome browser zero-days appear to be multiplying by the month.
The organization that oversees Sweden’s national sports federations was hacked by Russian military intelligence in 2017-18, officials said Tuesday, in a data-breaching campaign that also affected some of the world’s leading sporting bodies, including FIFA and the World Anti-Doping Agency.
Data from FireEye’s Mandiant incident response division shows that the time it takes organizations to detect a malicious hacker attack continues to drop, but it’s not only due to better threat detection capabilities.
Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks.
Adobe on Tuesday announced patches for vulnerabilities in four of its products, including critical code execution flaws affecting Photoshop and Bridge.
An exploit is now publicly available for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video management system.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published details on additional malware identified on compromised Microsoft Exchange servers, namely China Chopper webshells and DearCry ransomware.
A researcher has made public a proof-of-concept (PoC) exploit for a recently discovered vulnerability affecting Chrome, Edge and other Chromium-based web browsers.
A former Kansas utility worker has been charged with remotely tampering with a public water system’s cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers.
The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI.
California Water Service says there is no indication of operational disruptions to its water and wastewater systems.
