March 4, 2024

U.S. cybersecurity and intelligence agencies have raised the alarm over Phobos ransomware attacks that are currently targeting entities such as municipal and county governments, emergency services, education, public healthcare, and critical infrastructure.

March 2, 2024

Last month, Microsoft remedied a high-risk Windows Kernel privilege escalation vulnerability, CVE-2024-21338, half a year after being notified that it was being actively exploited.

March 2, 2024

A U.S. court has instructed the NSO Group to provide its Pegasus spyware source code to Meta.

March 1, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an order to U.S. Federal Civilian Executive Branch (FCEB) agencies to fortify their Windows systems against a critical vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that is currently being exploited in attacks.

March 1, 2024

The Five Eyes intelligence alliance, a coalition of intelligence agencies from five countries, has issued a joint cybersecurity advisory.

February 29, 2024

CISA has revealed that hackers exploiting vulnerabilities in Ivanti VPN appliances may be able to maintain root persistence even after factory resets.

February 29, 2024

Cisco, the technology titan, has issued its semiannual FXOS and NX-OS security advisory bundle, which details information on four vulnerabilities.

February 29, 2024

Two Chinese cyber espionage clusters, known as UNC5325 and UNC3886, have been exploiting security vulnerabilities in Ivanti Connect Secure VPN appliances.

February 28, 2024

The BlackCat/ALPHV ransomware group has publicly taken responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which has led to a continuous outage affecting the Change Healthcare platform.

February 28, 2024

The North Korean hacking group Lazarus has exploited a zero-day vulnerability in the Windows AppLocker driver, appid.sys, to gain kernel-level privileges and disable security tools.