Recently, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), and Canadian Centre for Cyber Security (Cyber Centre) issued guidance outlining security best practices for administrators on hardening on-premises Exchange servers.

The guidance emphasizes that “the threat to Exchange servers remains persistent…and should be

The New York Division of Financial Services (NYDFS) recently issued new cybersecurity guidance to assist covered entities in understanding and responding to the heightened risks posed by third party service providers (TPSP). NYDFS emphasized that covered entities must acknowledge and account for these risks and offer assistance in addressing them.

Based upon NYDFS’ enforcement activities

OpenAI recently published research summarizing how criminal and nation-state adversaries are using large language models (LLMs) to attack companies and create malware and phishing campaigns. In addition, the use of deepfakes has increased, including audio and video spoofs used for fraud campaigns.

Although “most organizations are aware of the danger,” they “lag behind in [implementing]

Oracle has confirmed that the threat actor group Cl0p is actively exploiting a zero-day vulnerability in the Oracle E-Business Suite product, versions 12.2.3-12.2.14. On October 4, 2025, Oracle advised its customers in a security advisory that the supplied patch should be applied “as soon as possible.” According to Oracle, “this vulnerability is remotely exploitable without

According to NextGov, it obtained a screenshot of an incident overview presentation that confirmed “a ‘widespread cybersecurity incident’ at the Federal Emergency Management Agency [that] allowed hackers to make off with employee data from both the disaster management office and U.S. Customs and Border Protection.”

The incident reportedly started on June 22, 2025

The Mandiant and Google Threat Intelligence Group has been responding to and monitoring malware dubbed BRICKSTORM targeting “a range of industry verticals, most notably legal services, Software as a Service (SaaS) providers, Business Process Outsourcers (BPOs), and Technology.” According to Mandiant/Google, “the value of these targets extends beyond typical espionage missions, potentially providing data

Although SonicWall has provided a patch for a vulnerability for its VPN affecting its Gen5, Gen6, and Gen7 firewall appliances (which allowed threat actors unauthorized access to SonicWall appliances), Rapid7 has reported that “an Akira ransomware campaign [recently] kicked off targeting SonicWall devices.” SonicWall has provided an advisory to customers related to the campaign, which

An attack against Salesforce between August 8 and August 18 targeting data through its Salesloft Drift app “is more extensive than at first thought.” The attack targeted numerous Salesforce customers “systematically exfiltrating large volumes of data.”

Google affirmed that threat actors not only targeted the Salesforce integration with Salesloft Drift, but also targeted some Google

On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory entitled “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System.” The Advisory warns that People’s Republic of China (PRC) sponsored advanced persistent threat (APT) actors “are targeting networks globally, including, but not limited to, telecommunications, government