The U.S. and U.K. governments have sanctioned seven Russian men whom they allege are members of the Trickbot cybercrime group.
Fortra has released version 7.12 of its GoAnywhere mFT file transfer tool to fix a zero day that has been under active attack.
New versions of OpenSSL fix several vulnerabilities, including one high-severity bug that could lead to memory disclosure.
A wave of ransomware attacks is targeting VMware ESXi servers that are vulnerable to CVE-2021-21974.
A Linux version of the Cl0p ransomware has been identified, but it has a flaw in its encryption routine that allowed researchers to build a decryptor for it.
Wendy Nather, who leads the Advisory CISO team at Cisco, talks about the shift of security from a control organization to a service organization.
Atlassian has fixed a critical authentication bypass flaw in Jira Service Management.
Michelle Finneran Dennedy, co-founder of Privacy Code and co-author of The Privacy Engineer's Manifesto, joins Dennis Fisher to talk about her new startup, her path from studying psychology to becoming the first chief privacy officer at Sun and Cisco, and what everyone gets wrong about privacy.
New data compiled by Cyentia Institute and SecurityScorecard shows that 98 percent of organizations have a direct relationship with a company that has been breached recently.
A new vulnerability has emerged in the F5 BIG-IP security appliances that can allow an attacker to crash the device.
Exploit traffic against the Fortinet VPN CVE-2022-43475 vulnerability have spiked in recent weeks.
Researchers have developed an exploit for a group of vulnerabilities in VMware vRealize Log Insight that can lead to remote code execution as root.
An attacker exfiltrated three encrypted code-signing certificates from GitHub used to sign versions of Desktop for Mac and Atom.
The ISC has released a fix for a serious denial-of-service vulnerability in many versions of BIND 9.
The FBI and international alw enforcement agencies have taken down the Hive ransomware infrastructure.