Vulnerability ManagementPKFail bug puts firmware security at riskShaun NicholsJuly 26, 2024Researchers say that a years-old security leak is putting a number of production model PCs at risk of persistent remote takeover.
Cloud SecurityForeign threat actors exploit ServiceNow bugsSteve ZurierJuly 26, 2024Security pros say the bugs are input validation flaws that can lead to remote code execution.
AI/MLNVIDIA patches flaw in Jetson software used in AI-powered systemsLaura FrenchJuly 25, 2024The high-severity vulnerability could enable denial of service, code execution and privilege escalation.
Incident ResponseCrowdStrike CEO says 97% of Windows systems back onlineTom Spring July 25, 2024CrowdStrike CEO Kurtz majority of systems back online and he is "deeply sorry" for those still impacted.
Network SecurityTech firms top list of most targeted industry in Q2 by cybercriminalsShaun NicholsJuly 25, 2024The rise in upstream attacks has cybercriminals increasingly setting their sites on technology companies.
Application security3,000 GitHub accounts found distributing malwareSteve ZurierJuly 25, 2024Threat actors set up fake accounts that look legitimate on the GitHub platform.
Cloud SecurityHHS audit finds serious gaps in cloud security at agency officeLaura FrenchJuly 24, 2024Penetration testers were able to access sensitive information stored by the HHS Office of the Secretary.
Vulnerability ManagementHackers bypass Windows SmartScreen flaw to launch malwareShaun NicholsJuly 24, 2024Cybercriminals are stepping up efforts to bypass a critical component in Microsoft Defender in order to covertly install malware
Network SecurityAT&T outage blocked more than 25,000 emergency calls, says FCCSteve ZurierJuly 24, 2024FCC report says a network misconfiguration by an AT&T Mobility employee caused the 12-hour outage.
Network SecuritySpain arrests three in pro-Russian DDoS crew takedownShaun NicholsJuly 23, 2024NoName057(16) functions as a hacktivist crew primarily carrying out politically motivated DDoS attacks.
How companies can secure their data as the Summer Olympics begin — and the threat landscape amps upStas NeymanJuly 26, 2024
CrowdStrike outage demonstrates how industry may respond to a Cyber Pearl HarborWayne SchepensJuly 25, 2024