The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is proposing security requirements to prevent adversary states from accessing American's personal data as well as government-related information.

Microsoft has released the optional KB5045594 preview cumulative update for Windows 10 22H2 with fixes for problems printing to multi-function printers and other issues.

Customer service platform Zendesk said it worked with the Internet Archive to help resolve a breach that allowed a hacker to respond to emails on behalf of the platform.

Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches.

Officials from U.S. intelligence agencies are warning that foreign adversaries — especially Russia — will intensify their influence efforts in the final two weeks before the U.S. election and will seek to undermine the legitimacy of the election process afterward.

The Securities and Exchange Commission (SEC) said Check Point, Avaya, Unisys and Mimecast would each pay fines related to how they disclosed information related to the impact of the breach of SolarWinds software in 2020.

The SEC has charged four companies—Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly misleading investors about the impact of their breaches during the massive 2020 SolarWinds Orion hack.

Democratic lawmakers are asking the Department of Justice to prosecute major tax preparation firms for sharing customers’ sensitive personal and financial data with Google and Meta, the latter of whom they say used the information for advertising and to train its artificial intelligence algorithm.

In this report, Kaspersky experts analyze recent Grandoreiro campaigns, new targets, tricks, and banking trojan versions.

Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the authentication process.

The SEC concluded that four tech companies misled investors and minimized the damage they suffered from the SolarWinds supply chain hack.

A supply chain hack targeting 100,000 websites was launched to redirect internet users to a massive online gambling network.

The European Court of Human Rights (ECtHR) issued a new ruling Tuesday stating that Russia’s foreign agents law violates a number of freedoms, and individuals wrongly affected by it should be compensated.

VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024.

Dan Jarvis, the U.K.'s security minister, says the country's options for improving its defenses against cybercrime and digital espionage include an overhaul of the 1990 Computer Misuse Act.

The State Department posted a $10 million reward for information related to Rybar, a Russian media outlet accused of trying to foment political and racial discord in the U.S.

Legal experts, technologists and tech-industry representatives say software liability is extremely difficult to design, with multiple competing approaches. But some lawmakers want to make it a top priority.

Officials are making progress on a far-reaching internal review dubbed “Cyber Command 2.0,” which is intended to revamp the digital warfighting organization for the future, as some in Congress are growing restless about its readiness problems and other potential issues.

Bitdefender alerts users to critical vulnerabilities in Total Security and SafePay, requiring immediate patching to protect against online risks.

Cyble’s Vulnerability Intelligence unit has detected cyberattacks on the Spring framework - and hundreds of thousands of IoT devices.

Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor.

Explore the Q3 2024 malware trends report from ANY.RUN to learn about the most prevalent malware families, types, and TTPs.

A new Consumer Financial Protection Bureau rule that gives consumers more choice over financial products and services includes significant privacy protections safeguarding individual’s data, the agency announced Tuesday.

Reversing of the C2C SpiCall Artemide Spartacus initiator of Exodus Android Spyware Campaign

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the former Soviet Union.

This article will cover what appears to be a triple cyberattack on the IT systems of Rocky Mountain Gastroenterology (RMG), a medical clinic specializing in

The Stormous ransomware gang took credit for the theft on Monday, claiming to have stolen 300 gigabytes of data that includes “government-issued IDs, proof of address, financial statements, and user selfies.”