August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being ...

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Environmentalists and policymakers warn water treatment plants are ripe for attack. Industrial controls governing water-related U.S. critical infrastructure are woefully under-estimated as cyberattack ...

One cryptography expert said that ‘serious flaws’ in the way Samsung phones encrypt sensitive material, as revealed by academics, are ’embarrassingly bad.’ Samsung shipped an estimated 100 million ...

WeTransfer is being used by hackers to circumvent email gateways looking to zap malicious links. Hackers are abusing the popular file-sharing service called WeTransfer to circumvent defensive email ...

The security bug could crop up, so to speak, in any number of Java applications. NOTE: This post is about the confirmed and patched vulnerability tracked as CVE-2022-22963. While the researchers at ...

The websites of the company and the Expresso newspaper, as well as all of its SIC TV channels remained offline Tuesday after the New Year’s weekend attack. Media giant Impresa, which owns the largest ...

The large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score. Microsoft has addressed a total of 97 security vulnerabilities in its January ...

The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked. Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ...

A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online. Threat actors have leaked 1 ...

The living-off-the-land binary (LOLBin) is anchoring a rash of cyberattacks bent on evading security detection to drop Qbot and Lokibot. A Windows living-off-the-land binary (LOLBin) known as Regsvr32 ...