An active cyberattack campaign was spotted in the wild, targeting systems running unpatched or misconfigured SAP systems. Threat actors are exploiting these vulnerabilities to gain full control of the...
Advanced persistent threat actors are actively exploiting unpatched vulnerabilities in Fortinet FortiOS platforms belonging to technology services, government agencies, and other private sector...
VMware issued a software update for its vRealize Operations, Cloud Foundation, and Lifecycle Manage to address two severe flaws that could allow an attacker to steal admin credentials and manipulate or...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released another emergency directive designed to further mitigate vulnerabilities in on-prem Microsoft Exchange...
Around the world, healthcare entities are steadily making progress on vaccinating individuals against COVID-19. Many of these providers are relying on technology for vaccine appointment scheduling and...
The threat actors behind Mamba ransomware are weaponizing DiskCryptor, an open source full disk encryption software. The malware encrypts the entire drive, including the operating system, to restrict...
The Department of Health and Human Services Cybersecurity and Infrastructure Security Agency unveiled the CISA Hunt and Incident Response Program (CHIRP) tool, which is designed to support entities...
Microsoft unveiled a mitigation tool for small entities and others operating without a designated IT or security team, which is designed to automatically mitigate the recently...
At least 10 advanced persistent threat (APT) hacking groups are targeting unpatched, on-prem Microsoft Exchange servers, in an effort to exploit the vulnerability and take control of the impacted...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released new guidance to help support security leaders and administrators with risk decisions and remediation of...
The Assistant Secretary for Preparedness and Response is urging healthcare entities to path the four critical vulnerabilities found in certain Microsoft Exchange Servers, under active exploit....
The vaccine rollout has spurred an increase in nefarious activities tied to the response. Imperva found a whopping 372 percent surge in bad bot traffic against healthcare sites, while...
A host of security researchers are warning private sector organizations that threat actors are actively targeting a critical vulnerability found in Zyxel Communication platforms, in an effort to take...
The Department of Justice announced the indictment of six Russian-backed hackers behind the global 2017 NotPetya malware attack. Though the cyberattack began on a...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency is urging organizations to review a UK National Cyber Security Centre (NCSC) alert for a remote code execution...
Comparitech researchers discovered a trove of Broadvoice databases containing more than 350 million customer records, including names, contact details, and in some...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency urged all organizations to apply the patch for a remote code execution (RCE) vulnerability...
Advanced persistent threat (APT) hackers are targeting government networks, critical infrastructure, and election organizations by chaining vulnerabilities – a method of exploiting multiple...
A recent public exploit for an elevation of privilege vulnerability found in Microsoft’s Netlogon will make unpatched systems a prime target for cybercriminals, according to a recent...
The hacker known as TrueFighter has reemerged with a campaign actively targeting the remote desktop protocol (RDP) across all sectors, with those in the healthcare industry as...