Middle market companies face an increasingly volatile cybersecurity environment, with threats coming from more directions than ever before and more skilled criminals targeting the segment, according...
Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords. Citrix ADM...
A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys by observing variations in CPU frequency enabled by dynamic voltage and...
The APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed to date. This...
Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into the web management interface of Cisco...
Internet infrastructure firm Cloudflare said today that it mitigated a 26 million request per second distributed denial-of-service (DDoS) attack, the largest HTTPS DDoS attack detected to...
A new way of carrying out phishing attacks is being adopted by criminal groups – and it could make threat actors virtually undetectable, security researchers warn....
PyPI packages ‘keep,’ ‘pyanxdns,’ ‘api-res-py’ were found to be containing a backdoor due to the presence of malicious ‘request’ dependency within some versions. For example, while most versions of ‘keep’...
A new hardware attack targeting Pointer Authentication in Apple M1 CPUs with speculative execution enables attackers to gain arbitrary code execution on Mac systems. Pointer Authentication...
Two flaws in the web interface of a Fujitsu cloud storage system could allow an unauthenticated attacker to read, write, and destroy backed up files. The...