Connect with us
Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self attestation versus third-party verification of vendor practices. The Office of Management and...
A new report details the role cryptocurrencies play in incentivizing ransomware attacks and the government’s response. Ransomware attacks are on the rise but federal agencies do...
The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for...
A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack...
The popular Screencastify Chrome extension has fixed a vulnerability that allowed malicious sites to hijack users’ webcams and steal recorded videos. However, security flaws still exist...
Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLs and deploy malware. As...
Proof-of-concept exploit code is about to be published for a vulnerability that allows administrative access without authentication in several VMware products. Identified as CVE-2022-22972, the security...
PyPI module ‘ctx’ that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer’s environment...
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to...
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Whoever is behind these attacks took advantage...
