This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog.…
Researchers have uncovered several spyware campaigns that target industrial enterprises, aiming to steal email account credentials and conduct financial fraud…
Security analysts have discovered and linked MoonBounce, "the most advanced" UEFI firmware implant found so far in the wild, to the Chinese-speaking APT41…
Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. [...]
Protecting Critical Infrastructure Against Cyberattacks
Understanding how attackers get in is the critical first step to mounting an effective defense. By Sean Deuby […] The…
CISA adds 17 vulnerabilities to list of bugs exploited in attacks
This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog.…
‘Anomalous’ spyware stealing credentials in industrial firms
Researchers have uncovered several spyware campaigns that target industrial enterprises, aiming to steal email account credentials and conduct financial fraud…
Enterprises Are Sailing Into a Perfect Storm of Cloud Risk
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud…
New MoonBounce UEFI malware used by APT41 in targeted attacks
Security analysts have discovered and linked MoonBounce, "the most advanced" UEFI firmware implant found so far in the wild, to the Chinese-speaking APT41…
Microsoft fixes Windows 10 search issues in Outlook desktop app
Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. [...]
What Happens to My Organization If APIs Are Compromised?
Once attackers have obtained access, they can compromise other systems or pivot within your networks.
Revamped Community-Based DDoS Defense Tool Improves Filtering
Team Cymru updates its Unwanted Traffic Removal Service (UTRS), adding more granular controls and greater ranges of both IPv4 and…
Office 365 phishing attack impersonates the US Department of Labor
A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365…
Windows Server 2019 OOB update fixes reboots, Hyper-V, ReFS bugs
Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes numerous critical bugs introduced during the January…