A new spike in ESXiArgs ransomware infections has emerged in the last couple of days, targeting servers in the UK and Europe.
In its February patch release, Microsoft fixed three vulnerabilities in Windows that have been actively exploited.
CISA, the FBI, and NSA are warning about ongoing ransomware attacks by North Korean groups that target government agencies and defense companies.
New data from Dragos shows that ransomware attacks against ICS systems are increasing, and sophisticated malware designed for those environments is now a reality.
A phishing attack allowed an attacker to steal a Reddit employee's credentials and gain access to some internal company systems last week.
The U.S. and U.K. governments have sanctioned seven Russian men whom they allege are members of the Trickbot cybercrime group.
Fortra has released version 7.12 of its GoAnywhere mFT file transfer tool to fix a zero day that has been under active attack.
New versions of OpenSSL fix several vulnerabilities, including one high-severity bug that could lead to memory disclosure.
A wave of ransomware attacks is targeting VMware ESXi servers that are vulnerable to CVE-2021-21974.
A Linux version of the Cl0p ransomware has been identified, but it has a flaw in its encryption routine that allowed researchers to build a decryptor for it.
Wendy Nather, who leads the Advisory CISO team at Cisco, talks about the shift of security from a control organization to a service organization.
Atlassian has fixed a critical authentication bypass flaw in Jira Service Management.
Michelle Finneran Dennedy, co-founder of Privacy Code and co-author of The Privacy Engineer's Manifesto, joins Dennis Fisher to talk about her new startup, her path from studying psychology to becoming the first chief privacy officer at Sun and Cisco, and what everyone gets wrong about privacy.
New data compiled by Cyentia Institute and SecurityScorecard shows that 98 percent of organizations have a direct relationship with a company that has been breached recently.
A new vulnerability has emerged in the F5 BIG-IP security appliances that can allow an attacker to crash the device.