The industrial manufacturing company Siemens has disclosed several critical and high-severity vulnerabilities discovered in its products, including a heap-based buffer overflow flaw in the SIMATIC devices' SINEMA Remote Connect Server (SRCS) Virtual…

Despite existing defenses, older AMD and Intel chips are vulnerable to another Spectre-based speculative-execution attack that exposes secrets within kernel memory. It is expected that mitigating this side-channel will have an impact on performance. The…

The Department of Health and Human Services' (HHS) Office of Civil Rights (OCR) has agreed to implement a feedback mechanism by including language and contact information in the confirmation email that healthcare entities receive. OCR also intends to…

Software maker Adobe has recently rolled out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented vulnerabilities, some severe enough to allow arbitrary code execution attacks.  The patches recently…

Known as BlackCat and Noberus, ALPHV emerged in November 2021 as the first ransomware family coded using the Rust programming language. To date, the ALPHV cybergang has compromised more than 100 organizations. Security researchers at Resecurity…

According to a recent study by unified asset intelligence platform Armis of more than 100 security professionals, about 40 percent consider asset visibility the largest challenge confronting their organizations. Over half (54 percent) of respondents cite…

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has announced a new solicitation in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) that addresses vulnerabilities in software, which is…

Lithuanian energy company Ignitis Group was recently hit by what it described as its "biggest cyberattack in a decade" when numerous distributed denial of service (DDoS) attacks were aimed at it, disrupting its digital services and websites.  Pro-…

For online shoppers, Amazon Prime Day has become an annual retail event, an opportunity to pick up bargains and save money.  Security researchers at Avanan have warned of an increase in phishing and credential harvesting email attempts in June…

A team of researchers at Ben-Gurion University of the Negev and Tel Aviv University have proven that it is possible for attackers to create a face mask capable of defeating modern facial recognition systems. They validated the effectiveness of their…

A new callback phishing campaign impersonates well-known security firms in order to trick potential victims into making a phone call that will instruct them to download malware. CrowdStrike Intelligence researchers discovered the campaign because…

Securing the infrastructure remains challenging as more organizations migrate their data, applications, and workloads to the cloud. Because security teams do not always know what is going on in each cloud environment, it is difficult to detect when…