15K Fortinet Device Configs Leaked to the Dark Web
The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic…
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access…
MikroTik botnet uses misconfigured SPF DNS records to spread malware
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and…
Microsoft Rings in 2025 With Record Security Update
Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting.
January Windows updates may fail if Citrix SRA is installed
Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent…
Newsom suspends CA environmental law to eliminate ‘roadblocks’ for wildfire victims rebuilding homes
Gov. Gavin Newsom lifted California's environmental review process for building laws for victims who lost their homes during the wildfire.
Elevating Security: The Crucial Role of Effective API Management in Today’s Digital Landscape
In today’s digital landscape, the increasing reliance on Application Programming Interfaces (APIs) brings significant security challenges that organizations must address.…
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to…
Russia Carves Out Commercial Surveillance Success Globally
Growing sales of the System for Operative Investigative Activities (SORM), a Russian wiretapping platform, in Central Asia and Latin American…
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in…