Miscreants running a “mass exploitation campaign” against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according

“Several cloud deployments” are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say. CVE-2024-50603 leads to remote code execution (RCE)

Microsoft has sued a group of unnamed cybercriminals who developed tools to bypass safety guardrails in its generative AI tools. The tools were used to

Microsoft’s multi-factor authentication (MFA) for Azure and Microsoft 365 (M365) was offline for four hours during Monday’s busy start for European subscribers. “Multi-Factor Authentication (MFA)

Sweden has committed to sending naval forces into the Baltic Sea following yet another suspected Russian attack on underwater cables in the region. The deployment

A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant’s own server-side encryption with customer provided keys (SSE-C) to lock

UK domain registrar Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits. Nominet told customers via an email

Infosec in brief Gravy Analytics, a vendor of location intelligence info for marketers which reached a settlement with US authorities last year over its alleged

Chinese cyber-spies who broke into the US Treasury Department also stole documents from officials investigating real-estate sales near American military bases, it’s reported. Citing three

BayMark Health Services, one of the biggest drug addiction treatment facilities in the US, says it is notifying some patients this week that their sensitive

On Call Velkomin, Vælkomin, Hoş geldin, and welcome to Friday, and therefore to another edition of On Call – The Register‘s end-of-week celebration of the

The White House this week introduced a voluntary cybersecurity labeling program for technology products so that consumers can have some assurance their smart devices aren’t

The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts “seriously” as Ivanti battles two dangerous new vulnerabilities, one

Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws. Trend Micro spotted what

Digital Security As detections of cryptostealers surge across Windows, Android and macOS, it’s time for a refresher on how to keep your bitcoin or other

Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing

Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing

The outgoing leader of the United States’ Office of the National Cyber Director has a clear message for whomever President-elect Trump picks to be his