SecurityWeek

The U.K.’s National Cyber Security Center (NCSC) has released a guide to help organizations get started with implementing a vulnerability disclosure process.

Representatives of the infosec community have signed an open letter in response to an amicus brief that mobile elections platform developer Voatz filed with the U.S. Supreme Court in the case of Nathan Van Buren.

The United States on Tuesday announced charges against two men from Iran and Palestine accused of defacing websites in response to the killing of Qasem Soleimani.

Microsoft on Tuesday announced the release of Project OneFuzz, an open source fuzzing framework for Azure that the tech giant has been using internally for the past year to find and patch bugs.

Threat actors affiliated with the Chinese Ministry of State Security (MSS) continue to target U.S. government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) says in a new alert.

The personal information of roughly 46,000 veterans was affected in a recent security incident, the U.S. Department of Veterans Affairs (VA) Office of Management said in a Monday statement.

Six European Union countries and the bloc’s executive Commission have begun testing a virtual “gateway” to ensure national coronavirus tracing apps can work across borders.

Oracle on Monday announced the general availability of its Cloud Guard and Maximum Security Zones cloud security tools.

Thousands of Magento-powered online stores have been hacked over the past few days as part of a skimming campaign that has been described as the “largest ever.”

A server misconfiguration has resulted in data pertaining to thousands of Razer customers being exposed to the Internet.A Singaporean-American manufacturer of gaming hardware, software, and systems, Razer also provides e-sports and financial services to its customers.

Virginia’s largest school system has been hacked and the attackers are seeking a ransom payment to keep them from disclosing stolen personal information.

Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron’s mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers.

The Central Bank of Seychelles (CBS) on Friday announced that the network of the Development Bank of Seychelles (DBS) was recently targeted in a ransomware attack.Established in 1977, DBS is majority owned by the government of Seychelles, but it is non-budgetary dependent and operates on a commercial basis.

American tech giant Microsoft said Sunday its offer to buy TikTok was rejected, leaving Oracle as the sole remaining bidder ahead of the imminent deadline for the Chinese-owned video app to sell or shut down its US operations.

A team at Temple University in Philadelphia has been tracking worldwide ransomware attacks on critical infrastructure, and anyone can request access to the data.

Several major industrial control system (ICS) vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems.

Tehran on Friday hit back at allegations by Microsoft that Iran based hackers had targeted the US presidential campaigns, declaring it does not care about the election's outcome.

Video conferencing platform Zoom this week announced that all user accounts can now benefit from improved protection, courtesy of support for Two-Factor Authentication (2FA).With 2FA enabled on their accounts, users should be protected from security breaches, including those that originate from the Zoom platform itself, the company claims.

Attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager are ramping up, warns the Wordfence Threat Intelligence team at WordPress security company Defiant.

For the past year, Russia-linked threat actor Strontium has targeted hundreds of organizations in the United States and the United Kingdom to harvest account credentials, Microsoft reveals.