How the January 6 panel unearthed key details from little-known insiders
The story of January 6 has largely focused on a cast of very prominent characters, including former President Donald Trump…
Ghost CMS vulnerable to critical authentication bypass flaw
A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing…
Security Is a Second-Class Citizen in High-Performance Computing
Vendors and operators attempt to balance power and security, but right now, power is the highest goal.
Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Microsoft pushes emergency fix for Windows Server Hyper-V VM issues
Microsoft has released emergency out-of-band (OOB) Windows Server updates to address a known issue breaking virtual machine (VM) creation on…
Paying Ransom: Why Manufacturers Shell Out to Cybercriminals
Lower cybersecurity awareness coupled with vulnerable OT gear makes manufacturers tempting targets, but zero trust can blunt attackers’ advantages.
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code…
Microsoft Warns on ‘Achilles’ macOS Gatekeeper Bypass
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.
The Equifax Breach Settlement Offer is Real, For Now
Millions of people likely just received an email or snail mail notice saying they're eligible to claim a class action…
3 Trends Shaping the Future Of Attack Surface Management
By David Monnier, Team Cymru Fellow Will your organization become the next big cyberattack reported in the news? […] The…