Security News

Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online...

Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public...

Over half of security professionals admit their organizations maintain a culture of security through obscurity, with over one-third admitting they are completely secretive about their cybersecurity activities. While many organizations may fear reputational or monetary damage from proactively sharing findings from vulnerabilities and incidents, I've found the contrary to be true: Embracing a culture of cybersecurity transparency is good for business and for the broader security of the internet.

How can organizations balance the need for robust digital asset protection with the drive for business innovation and agility? To best integrate digital assets in your business, it's crucial to integrate your digital asset management solution with your IT systems.

In this Help Net Security video, Adam Marrè, CISO at Arctic Wolf, explains how state and local governments must focus on cybersecurity as the 2024 election approaches in the United States. This workload becomes even heavier during election years with extra responsibilities.

Natural catastrophes, fire, explosion, and political risks and violence are the biggest risers in the latest compilation of the top global business risks. In the United States, cyber has replaced business interruption as the leading risk for the year ahead. Natural catastrophes rose to the third spot.

Email security risks remain high with 94% of organizations experiencing incidents in the past 12 months, according to Egress. The impact of an email security incident can be severe for employees and their organizations.

Australia's government has used the "Significant cyber incidents" sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. On Tuesday the government went a step further, naming Aleksandr Ermakov as linked to the incident, adding that Australia's Federal Police and sigint agency the Australian Signals Directorate "Continue to pursue other leads."

Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as...

More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 - a critical bug in out-of-date versions of Atlassian Confluence Data Center and Server - according to non-profit security org Shadowserver. The CVE scored a CVSS rating of 10 out of 10, and it affects Confluence Data Center and Server 8 versions released before December 5, 2023 and versions up to 8.4.5.