Mike Fong, CEO of Privoro, stated that how each side collects the adversary's smartphone location data and shields their own could mean the difference between victory and defeat.  For soldiers on the battlefield, the act of turning on one's…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of actively exploited bugs to include a vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS). This high severity security…

New data shows that half of untrained users in the consulting, energy, and healthcare industries fall victim to phishing attacks. According to data gathered from the clients of the security awareness training provider KnowBe4, 32.4 percent of users will…

Lenovo has released fixes to address three security flaws discovered in its UEFI firmware, which affects over 70 product models. According to the Slovak cybersecurity firm ESET, the vulnerabilities can be exploited to achieve arbitrary code execution in…

Microsoft researchers discovered a massive phishing campaign that can steal credentials even if a user has enabled multi-factor authentication (MFA). The campaign has attempted to compromise more than 10,000 organizations. It has been running since…

The industrial manufacturing company Siemens has disclosed several critical and high-severity vulnerabilities discovered in its products, including a heap-based buffer overflow flaw in the SIMATIC devices' SINEMA Remote Connect Server (SRCS) Virtual…

Despite existing defenses, older AMD and Intel chips are vulnerable to another Spectre-based speculative-execution attack that exposes secrets within kernel memory. It is expected that mitigating this side-channel will have an impact on performance. The…

The Department of Health and Human Services' (HHS) Office of Civil Rights (OCR) has agreed to implement a feedback mechanism by including language and contact information in the confirmation email that healthcare entities receive. OCR also intends to…

Software maker Adobe has recently rolled out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented vulnerabilities, some severe enough to allow arbitrary code execution attacks.  The patches recently…

Known as BlackCat and Noberus, ALPHV emerged in November 2021 as the first ransomware family coded using the Rust programming language. To date, the ALPHV cybergang has compromised more than 100 organizations. Security researchers at Resecurity…

According to a recent study by unified asset intelligence platform Armis of more than 100 security professionals, about 40 percent consider asset visibility the largest challenge confronting their organizations. Over half (54 percent) of respondents cite…

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has announced a new solicitation in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) that addresses vulnerabilities in software, which is…