CISA Director Jen Easterly called on technology companies to focus on building products more securely and to stop shifting the burden for safety to customers.
A new backdoor called WinorDLL that is potentially the work of the Lazarus Group has been found onn victim machines in several countries.
A newly identified attack group known as Hydrochasma has targted medical and shipping companies in Asia with spear phishing campaigns that use freely available tools.
Fortinet has patched a critical remote code execution bug in its FortiNAC product.
A critical remote code execution vulnerability has been fixed in the ClamAV anti-malware engine.
J Wolfgang Goerlich, Advisory CISO for Cisco Secure, talks about why relationships are so important for CISOs when interacting with organizational leadership teams.
A new spike in ESXiArgs ransomware infections has emerged in the last couple of days, targeting servers in the UK and Europe.
In its February patch release, Microsoft fixed three vulnerabilities in Windows that have been actively exploited.
CISA, the FBI, and NSA are warning about ongoing ransomware attacks by North Korean groups that target government agencies and defense companies.
New data from Dragos shows that ransomware attacks against ICS systems are increasing, and sophisticated malware designed for those environments is now a reality.
A phishing attack allowed an attacker to steal a Reddit employee's credentials and gain access to some internal company systems last week.
The U.S. and U.K. governments have sanctioned seven Russian men whom they allege are members of the Trickbot cybercrime group.
Fortra has released version 7.12 of its GoAnywhere mFT file transfer tool to fix a zero day that has been under active attack.
New versions of OpenSSL fix several vulnerabilities, including one high-severity bug that could lead to memory disclosure.
A wave of ransomware attacks is targeting VMware ESXi servers that are vulnerable to CVE-2021-21974.