Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
Multiple vulnerabilities in the OpENer stack could be exploited in attacks aimed at supervisory control and data acquisition (SCADA) and other industrial systems that use OpENer.
A critical vulnerability patched recently by networking and cybersecurity solutions provider Juniper Networks could allow an attacker to remotely hijack or disrupt affected devices.
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.
Yesterday, the Biden Administration announced a set of measures aimed to impose costs on Russian cyber attackers for election influence operations, for the SolarWinds compromise, and for other cyberespionage incidents. The NSA, CISA, and the FBI releas…
Google’s Project Zero cybersecurity research unit on Thursday announced that it’s making some changes to its vulnerability disclosure policies, giving users 30 days to install patches before disclosing the technical details of a flaw.
Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations…
More than 40 organizations have been targeted in a global campaign focused on the COVID-19 vaccine cold chain infrastructure, which handles the distribution of vaccines and their storage at the required temperatures.