Category: alerts

The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. Read more

Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases. Read more

The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike. Read more

Original release date: January 5, 2021 The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet on eliminating obsolete Transport Layer Security (TLS) configurations. The information sheet identifies strategies to detect obsolete cipher suites and key exchange mechanisms, discusses recommended TLS configurations, and provides remediation recommendations for organizations using obsolete TLS configurations. CISA… Read more

Google’s Android security update addressed 43 bugs overall affecting Android handsets, including Samsung phones. Read more

Original release date: January 4, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor —… Read more

Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts. Read more

Reflecting on 2020’s record-breaking year of spam and inbox threats. Read more

Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold. Read more

Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts. Read more