Security fixes have been issued that address three high-severity vulnerabilities in several versions of the Internet Systems Consortium (ISC’s) Berkeley Internet Name Domain (BIND DNS Flaw) 9. An attacker might...
Several data breaches were reported this year that were typically due to ransomware attacks, phishing campaigns, and other social engineering techniques, resulting in millions of dollars losing organizations worldwide....
Organizations are working to educate and train the next generation of professionals to fill critical cybersecurity vacancies, but private sector firms need to change their hiring...
APT28 (aka BlueDelta, Fancy Bear, Sednit, and Sofacy), a threat group connected to Russia’s GRU, hacked the Roundcube email servers of over 40 Ukrainian organizations, including...
The National Security Cyber Section will work to “increase the scale and speed of disruption campaigns and prosecutions” against cybercriminals, an official said this week. The...
The National Institute of Standards and Technology aims to provide a practical guide to address unique cyber challenges impacting America’s complex water systems. The National Institute...
Speaking during a Cybersecurity Advisory Committee meeting, CISA Director Jen Easterly noted that corporate responsibility for cyber must stand “as a matter of good governance.” Increased...
Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability. The newly discovered vulnerability, CVE-2023-27992,...
Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and potentially fully take over the target’s...
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot,...