CISA Order Highlights Persistent Risk at Network Edge

CISA Order Highlights Persistent Risk at Network Edge

The U.S. government agency in charge of improving the nation's cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes ...
Many Public Salesforce Sites are Leaking Private Data

Many Public Salesforce Sites are Leaking Private Data

A shocking number of organizations -- including banks and healthcare providers -- are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem ...
3CX Breach Was a Double Supply Chain Compromise

3CX Breach Was a Double Supply Chain Compromise

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North ...
Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to ...
Microsoft Patch Tuesday, March 2023 Edition

Microsoft Patch Tuesday, March 2023 Edition

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe ...
Highlights from the New U.S. Cybersecurity Strategy

Highlights from the New U.S. Cybersecurity Strategy

The Biden administration today issued its vision for beefing up the nation's collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard ...
New Protections for Food Benefits Stolen by Skimmers

New Protections for Food Benefits Stolen by Skimmers

Millions of Americans receiving food assistance benefits just earned a new right that they can't yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are ...
New T-Mobile Breach Affects 37 Million Accounts

New T-Mobile Breach Affects 37 Million Accounts

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation ...
New Ransom Payment Schemes Target Executives, Telemedicine

New Ransom Payment Schemes Target Executives, Telemedicine

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare ...
ConnectWise Quietly Patches Flaw That Helps Phishers

ConnectWise Quietly Patches Flaw That Helps Phishers

ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over ...