RansomwareOperation Endgame claims 300 domains in mass takedown effortShaun NicholsMay 23, 2025An ongoing international effort against cybercrime operators has announced a mass takedown of ransomware networks.
AI/MLAI data security best practices outlined by CISA and partnersLaura FrenchMay 23, 2025The risks of data supply chain poisoning and malicious data tampering are addressed in the guidance.
Cloud SecurityCISA warns of attacks on Commvault’s Microsoft Azure environmentSteve ZurierMay 23, 2025CISA believes the attacks on Commvault Azure environments may be part of a larger campaign to target SaaS vendors.
IdentityMicrosoft dials up Uncle Sam to take down LummaC2 malware backboneShaun NicholsMay 22, 2025The U.S. Department of Justice teamed up with Microsoft to take down the backbone of a prolific malware operator.
Critical Infrastructure SecurityTrimble Cityworks zero-day attacks on US local governments detailedLaura FrenchMay 22, 2025Analysis revealed the deployment of various backdoors by suspected Chinese-speaking threat actors.
Data SecurityFTC orders GoDaddy to establish a comprehensive security programSteve ZurierMay 22, 2025FTC said GoDaddy failed to prove it offered its 21 million customers adequate security.
Critical Infrastructure SecurityRussian hackers targeting Western logistics, tech support of UkraineShaun NicholsMay 21, 2025APT28 aims to infiltrate the networks of military groups and private contractors.
AI/MLNIST releases new AI attack taxonomy with expanded GenAI sectionLaura FrenchMay 21, 2025The latest version puts more emphasis on supply chain and AI agent security.
RansomwareApparent ransomware attack leads to systemwide outage for Kettering HealthSteve ZurierMay 21, 2025Kettering operates 14 medical centers and more than 120 outpatient locations in western Ohio.
IdentityOracle Database TNS vulnerability could leak data to further attacksShaun NicholsMay 20, 2025A vulnerability in Oracle database communications could allow an unauthenticated user to access system memory contents.
A handy list of risk questions every healthcare CISO should ask potential suppliersRobert A. Eikel May 22, 2025