The Center of Internet Security (CIS) in coordination with the SANS Institute and through a consortium of security experts, U.S. agencies such as the NSA, coordinated the CIS Controls Version 8 (formerly known as “Critical Security Controls” or CSC) to help simplify and prioritize list of controls that would have the greatest impact to an organization in improving risk posture against cyber threats.
CIS Controls Version 8 Read More »
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.
Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’ Read More »
Drupal has patched a Moderately Critical cross-site scripting (XSS) vulnerability in Drupal Core.
Drupal fixes ‘Moderately Critical’ XSS bug in CKEditor library Read More »
Apple has released security updates to fix vulnerabilities in iOS 14.6, macOS Big Sur 11.4, Safari 14.1.1, tvOS 14.6, watchOS 7.5, and other products. The tech giant also reported macOS Big Sur vulnerability CVE-2021-30713 has been exploited in the wild.
Apple security updates for iOS 14.6, macOS Big Sur 11.4 and other products – updated Read More »
Google has released Chrome 91 security update (91.0.4472.77) for Windows, Mac and Linux with fixes for 19 vulnerabilities.
Google releases Chrome security update (91.0.4472.77) Read More »
The Federal Bureau of Investigation (FBI) has identified at least 16 Conti ransomware attacks targeting healthcare and first responder networks in the United States.
Google confirmed on Wednesday that there are indications of four Android vulnerabilities related to Qualcomm and ARM components have been exploited in the wild.
Four Android vulnerabilities exploited in the wild Read More »
A security researcher has published proof-of-concept (PoC) exploit code for a Windows HTTP protocol stack remote code execution (RCE) vulnerability CVE-2021-31166.
PoC exploit code released for Windows wormable RCE (CVE-2021-31166) Read More »
Researchers have discovered Mount Locker ransomware now targets Windows Active Directory APIs to worm or spread its way through networks.
Mount Locker ransomware targets Windows APIs to spread through networks Read More »
The FBI and CISA have published a joint cybersecurity alert on a new ransomware variant “DarkSide” used in recent cyberattack against pipeline operator Colonial Pipeline. The alert also includes best practice guidance in disrupting ransomware attacks.
