Critical vulnerabilities remain unresolved due to prioritization gaps

Fragmented data from multiple scanners, siloed risk scoring and poor cross-team collaboration are leaving organizations increasingly exposed to breaches, compliance failures and costly penalties, according to Swimlane. The relentless... Read more »

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published... Read more »

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows... Read more »

5 Emerging AI Threats Australian Cyber Pros Must Watch in 2025

AI cloning and deepfakes rank among the top challenges for Australian cybersecurity professionals in 2025. Read more »

UK Considers Banning Ransomware Payments

The proposed mandate intends to discourage criminals from targeting critical national infrastructure and public services, as there will be no financial motivation. Read more »

Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks

Microsoft’s monthly patches cover Hyper-V NT Kernel Integration VSPs, Git in Visual Studio, and more. Read more »

U.S. CISA adds Fortinet FortiOS to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS authorization... Read more »

Rsync vulnerabilities allow remote code execution on servers, patch quickly!

Six vulnerabilities have been fixed in the newest versions of Rsync (v3.4.0), two of which could be exploited by a malicious client to achieve arbitrary code execution on a... Read more »

Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation

The proposed HIPAA Security Rule introduces mandatory measures to prevent malicious cyberattacks in health care. Read more »

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS... Read more »
Subscribe to our Newsletter