The Federal Bureau of Investigation (FBI) said today that the amount of money lost to business email compromise (BEC) scams continues to grow each year, with...
GitHub announced today that all users who contribute code on its platform (an estimated 83 million developers in total) will be required to enable two-factor authentication (2FA)...
How should organizations in the healthcare sector respond to outage due to a serious cyberattack? The Healthcare and Public Health Sector Coordinating Council’s (HSCC) Cybersecurity Working...
Google said today that a Chinese-sponsored hacking group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF) is targeting Russian government agencies. The company’s...
A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of...
Microsoft says that its enterprise-grade endpoint security for small to medium-sized businesses is now generally available as a standalone solution. Known as Microsoft Defender for Business, this product is designed...
Phishing actors abuse Google’s SMTP relay service to bypass email security products and successfully deliver malicious emails to targeted users. According to a report from email...
Armis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches. Collectively dubbed TLStorm 2.0, the vulnerabilities stem...
Comments are due June 27 on an associated draft special publication. The National Institute of Standards and Technology wants to know how it did building a...
The Open Web Application Security Project (OWASP) has fixed a vulnerability in its Enterprise Security API (ESAPI) that, if left unresolved, might have been abused to run path traversal attacks. The issue,...