Attackers have historically exploited vulnerabilities in Citrix Gateway and ADC in order to target organizations.
Lenovo has patched three vulnerabilities in the BIOS in many of its laptops that could allow an attacker to modify the secure boot process.
Microsoft did not give further details about the exploitation efforts against the flaws disclosed on Tuesday.
Apple has fixed four flaws in its Xcode IDE, including a remote code execution flaw in Git (CVE-2022-39260).
Nation-state actors are targeting critical infrastructure, the IT supply chain and unpatched flaws in an effort to advance evolving strategic political objectives and to reach a wider set of targets.
Researchers have uncovered a new business email compromise group impersonating well-known law firms and attorneys to trick targets into paying fake invoices.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
A new Lookout report highlights a tangle of government mobile device security challenges, including the use of outdated or unmanaged devices, and a rise in phishing attacks targeting credentials.
Dave Lewis, Global Advisory CISO at Cisco, talks about the top takeaways of the 2022 Duo Trusted Access Report and the driving factors behind increased adoption of WebAuthn, MFA and biometrics.
Researchers at SentinelLabs have identified several links between the Black Basta ransomware actors and the FIN7 cybercrime group.
OpenSSL 3.0.7 fixes two high-risk buffer overflows in Punycode decoding (CVE-2022-3786 and CVE-2022-3602), one of which can lead to remote code execution.
Details have been disclosed on a remote code execution flaw in Azure Cosmos DB, which was previously fixed by Microsoft in October.
Thousands of internet-exposed servers remain vulnerable to the critical-severity ConnectWise flaw.
VMware Cloud Foundation is impacted by a remote code execution vulnerability in the XStream open source library.
OpenSSL will patch a critical security flaw in version 3.0.x on Nov.1, though details of the bug are still private.