Taiwan-based network-attached storage (NAS) maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices’ security. The improper access control vulnerability tracked as CVE-2021-28809 was found...
Most businesses don’t take cybersecurity seriously until it’s too late. When Colonial Pipeline CEO Joseph Blount sat before lawmakers to explain the recent ransomware attack, he...
Yearn Finance, the decentralized finance (DeFi) protocol, has launched a bug bounty program with Immunefi. Live since July 1, the program will pay out between $20,000 and $200,000 for critical...
A data breach at a third-party provider has potentially exposed the private medical information of patients at Northwestern Memorial HealthCare (NMHC) providers. Unknown actors gained unauthorized access to...
Kaseya’s VSA product has been the victim of a sophisticated ransomware attack, affecting 60 Kaseya customers and an estimated 1,500 downstream businesses. Attackers are allegedly demanding $70 million in return for a universal...
GitLab has resolved a raft of vulnerabilities – including two high-impact web security flaws – with an update to its software development platform. A cross-site request forgery (CSRF)...
US water company WSSC Water is investigating a ransomware attack that affected non-essential business systems in May. WSSC Water is investigating a ransomware attack that took place on...
The recent ban of ransomware ads on well-known Russian-speaking cybercrime forums (Exploit and XSS) has forced cybercriminals to promote their service using alternative methods. Two ransomware gangs, identified...
Only a couple of weeks after the initial iPhone Wi-Fi bug was found, the same security researcher Carl Schou has found another similar issue. Schou tweeted today...
The Biden Administration imposed sanctions on Russia, ordered new cybersecurity standards for federal contracts with software companies, and chose the nation’s first National Cyber Director. In...