Security News

The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of...

ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on...

ConnectWise has fixed two vulnerabilities in ScreenConnect that could allow attackers to execute remote code or directly impact confidential data or critical systems. ConnectWise ScreenConnect is a remote desktop software solution popular with managed services providers and businesses they offer services to, as well as help desk teams.

A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600...

Two days after its Digital Services Act came into effect, the European Union used it to open an investigation into made-in-China social network TikTok. European Commissioner Thierry Breton delivered news of the probe in a Xeet that revealed the investigation will consider "Suspected breach of transparency & obligations to protect minors."

Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli...

SEC's new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in effect since December 18, 2023. For businesses that already harbor concerns over their cybersecurity protections, visibility, and incident response preparedness, meeting the SEC's new incident reporting rules can be a serious challenge.

Decentralized identity is an approach to identity management that allows users to control their identity information and eliminate the need to provide unnecessary amounts of personal information in order to access a service. By putting personal data in the power of the individual, decentralized identity increases privacy and reduces the possibility of fraud and account takeovers by helping ensure the person behind the credential is who they claim.

An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of...

92% of respondents to a recent report shared that their organization had been a victim of identity fraud, costing an average of $4.3 million over the last 12 months. Only 40% stated identity verification as a top identity challenge, noting that many organizations still need to trust more secure authentication practices, patchy identity monitoring, and other outdated manual processes to do the job.