No matter how much people hear “data safety,” they still can get sloppy about their cybersecurity.


Talk of the Cookie monster and the image that instantly pops in our head is that of the lovable Sesame Street Muppet who is eternally hungry and devours just about anything.


As a business owner, you know how important it is to keep your business data safe and secure. Perhaps you have already even invested in cybersecurity solutions such as antivirus platforms and firewalls. But, do you have a password management system?


Apple has rolled out an update for its macOS Big Sur operating system to address a bevy of security flaws, including a vulnerability that could allow malware to circumvent the operating system’s built-in protection mechanisms.


Adobe has released security patches for vulnerabilities now resolved in seven of its products. The impacted software is Photoshop, Illustrator, Animate, Bridge, InCopy, Captivate, and Campaign Classic.


Zyxel devices contain a hardcoded administrative backdoor account in firmware version 4.60, that can grant attackers admin level access to devices via either the SSH interface or the web administration panel.


On Dec. 13, the cyber community observed one of the most significant cybersecurity events of our time, impacting both commercial and government organizations worldwide.


This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC).


The Trend Micro InterScan Web Security Virtual Appliance (IWSVA) is affected by multiple critical security issues. Unauthenticated attackers are able to gain root access to the appliance via chained attack vectors, such as CSRF protection bypass, authorization & authentication bypass, and more.


Two federal agencies and FireEye were breached through updates of widely used IT infrastructure management software - the Orion network monitoring product from SolarWinds.


Microsoft has published 58 security fixes across 10+ products and services, as part of the company's monthly batch of security updates, known as Patch Tuesday. More than a third of these patches (22) are classified as remote code execution (RCE) vulnerabilities. 


Business Email Compromise (BEC) scammers are exploiting web-based email clients’ autoforwarding rules to intersect financial transactions.


Thirteen years old malware Bandook variants once again targets multiple sectors. Dozens of digitally signed variants of this malware started to reappear in the threat landscape.


Microsoft released patches for 112 unique common vulnerabilities and exposures (CVEs), 17 of which were considered critical.


Apple has patched the three zero-day vulnerabilities with latest release of iOS 14.2. Human Operated ransomware RansomeEXX's Operators developed new ELF executable to infect Linus based operating systems. 


Google has patched two new Chrome zero-day vulnerabilities currently being exploited that researchers say, if left unpatched, could allow hackers to compromise user devices.


Google has rolled out an update to its Chrome web browser that fixes five security flaws, including a vulnerability that is known to be actively exploited by attackers.


A Tennessee firm that provides health data management services has agreed to pay the United States Office for Civil Rights (OCR) $2.3m to settle charges related to a data breach. The healthcare industry is a known target for hackers and cyberthieves. 


Hospital patients have been warned that data that was on the Blackbaud systems affected by the cyber-attack may have included their name, date of birth, address, contact information, attending doctor, insurance provider, and medical service department.


According to security researchers, millions of WordPress sites are being probed in automated attacks looking to exploit a recently discovered plugin vulnerability. Wordfence, which produces a plugin for the platform, revealed news of the zero-day bug at the start of September.


A cyber attack has shut down virtual classes in a Los Angeles school district two weeks after the FBI issued a cybersecurity warning to schools offering online learning. 


Security researchers have discovered a new ransomware strain targeting macOS users.


A vulnerability in the Integrated Dell Remote Access Controller (iDRAC) that could allow cyber-criminals to gain full control of server operations has been detected.


A Florida Tax Collector's Office has blamed malware found on an employee's computer for a data breach that affected around 450,000 residents of Polk County. 


Researchers have once again spotted crooks using calendar invitations to mount phishing attacks. The Cofense Phishing Defense Center found the attack in enterprise email environments protected by Proofpoint and Microsoft, it announced last week.


The Tennessee city of Knoxville has been forced to shut down its computer network after falling victim to a ransomware attack. Cyber-criminals mounted their attack on the county seat of Knox County in the early hours of Thursday, June 11.


Bank of America Corporation has disclosed a data breach affecting clients who have applied for the Paycheck Protection Program (PPP).