Volt Typhoon And The Disruption Of The U.S. Cyber Strategy

Uncle Sam Intervenes As Change Healthcare Ransomware Fiasco Creates Mayhem

An Air Force Employee Shared Highly Classified Data Via Dating App

Discord Leaker Jack Teixeira Pleads Guilty, Seeks Light 11-Year Sentence

German Authorities Take Down Crimemarket Cybercrime Website

CISA Warns Of Windows Streaming Service Vulnerability Exploitation

Court Orders Makers Of Pegasus Spyware To Hand Over Code To WhatsApp

Ivanti Attacks Linked To Espionage Group Targeting Defense Contractors

Windows Zero Day Exploited By North Korean Hackers In Rootkit Attack

Australian Spy Chief Fears Sabotage Of Critical Infrastructure

Iranian Hackers Target Aviation And Defense Sectors In Middle East

Top 3 NIST Cybersecurity Framework 2.0 Takeaways

US Bans Trading With Canadian Network Intelligence Firm Sandvine

Russian Cyberespionage Group APT29 Targeting Cloud Vulnerabilities

NIST Cybersecurity Framework 2.0 Officially Released

Hackers For Sale: What We Learned From China's Massive Cyber Leak

US Leading Global Alliance To Counter Foreign Government Disinformation

The U.S. Military Is Monitoring Another High Altitude Balloon

Oh Geez The Coast Guard Is Just Now Going To Think About Infosec?

An Online Dump Of Chinese Hacking Documents Offers A Rare Window Into Pervasive State Surveillance

Vietnam To Collect Biometrics - Even DNA - For New ID Cards

Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow To Operation

FBI Most Wanted Cybergang Boss Pleads Guilty

Feds Post $15 Million Bounty For Info On ALPHV/BlackCat Ransomware Crew

Russia Exploits Roundcube Flaws Against European Governments

Feds Dismantle Russian GRU Botnet Built On 1,000+ Home, Small Biz Routers

Ex-Employee's Admin Credentials Used In US Gov Agency hack

USPS Scam Smishing Campaigns Could Move To Cloud

Feds Want To Ban The World's Cutest Hacking Device. Experts Say It's A Scapegoat

Backdoors That Let Cops Decrypt Messages Violate Human Rights, EU Courts Says

Microsoft, OpenAI Reveal ChatGPT Use By State-Sponsored Hackers

Prudential Financial Discloses Data Breach

Deepfake Proofing The President: What Is Cryptographic Verification?

What Is Volt Typhoon And Why Is It The Defining Threat Of Our Generation?

Uncle Sam Sweetens The Pot With $15M Bounty On Hive Ransomware Gang Members

US Says China's Volt Typhoon Hackers Pre-Positioning For Cyberattacks Against Critical Infrastructure

Rhysida Ransomware Cracked, Free Decryption Tool Released

Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). "Through a comprehensive analysis of Rhysida Ransomware, we identified an

Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros

The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246 (CVSS score: 7.8), the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have

Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback

NSO Group, creator of the infamous Pegasus spyware, is spending millions on lobbying in Washington while taking advantage of the crisis in Gaza to paint itself as essential for global security.

What is Nudge Security and How Does it Work?

In today’s highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to productivity and innovation in the digital enterprise, it has upended traditional approaches to IT security and governance. Nudge Security is the world’s first and only solution to address

Bitcoin ETF Hopefuls Still Expect SEC Approval Despite Social Media Hack

Ukraine: Russia Hacked Webcams To Aid Missile, Drone Strikes On Kyiv

SpectralBlur macOS Backdoor Linked To North Korea

Court Hearings Become Ransomware Concern After Breach

5 Ways to Reduce SaaS Security Risks

As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised

Hackers Hit Australian State's Court Recording Database

Google Settles $5 Billion Consumer Privacy Lawsuit

NASA Launches Cybersecurity Guide For Space Industry

2023 Rewind: The Year In Cybersecurity

Iranian Hackers Target US Defense Sector With New Backdoor

ESO Solutions Data Breach Impacts 2.7 Million Individuals

INTERPOL Arrests 3,500 Suspects In Sweeping Cybercrime Operation

New QakBot Phishing Campaign Appears After FBI Takedown

Hacktivists Shut Down Iran's Gas Pumps

A Top Secret Chinese Spy Satellite Just Launched On A Supersized Rocket

Unmasking the Dark Side of Low-Code/No-Code Applications

Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly using platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems? The simple truth is often swept under

Suspects Can Refuse To Provide Phone Passcodes To Police, Court Rules

Harry Coker Confirmed As National Cyber Director

Think Tank Report Labels NSO, Lazarus As Cyber Mercenaries