American businesses are on the front line of the nation’s looming conflicts with China and other adversaries like Russia and Iran, the U.S. spy chief Director of National Intelligence Avril Haines warned last week. Learn why the relationship between the private sector and the intelligence community needs to outgrow the confines of the customer/vendor nexus and go beyond its current information-sharing paradigm.

A vulnerability allowing malicious files to be uploaded to the Versa Director GUI by users with System Admin credentials is being exploited. Stay informed with CyberWatch.

In May of 2024, a national association for amateur radio was hit by a severe ransomware attack that encrypted multiple internal systems, including desktops, laptops, and both Windows and Linux servers. The attack was coordinated by organized criminals and enabled by information purchased on the dark web. Learn how their response can help your organization avoid becoming a casualty of the ransomware trend.

New threats emerge daily, but some old network vulnerabilities stubbornly refuse to fade away. One such vulnerability is Log4j, better known as Log4Shell. Discovered nearly three years ago, this critical flaw continues to wreak havoc across industries. Dive into the details and explore why this vulnerability remains such a persistent threat.

Chief among the multi-layered strategies companies use to safeguard their sensitive data is network segmentation. This approach, which involves dividing a network into smaller, isolated segments, goes a long way toward stymying the efforts of malicious actors. The significance of network segmentation and subnetting, along with their many benefits are discussed ahead.

Google Chrome and Microsoft Edge have released updates for an actively exploited Zero Day Vulnerability. Google is aware that an exploit for this CVE is circulating publicly.

The Blast-RADIUS incident is a wake-up call for the cybersecurity industry, regulatory bodies, and enterprises to urgently transition to modern, more secure standards and protocols.

Zoom urges users to patch two high severity vulnerabilities: CVE-2024-39818 (CVSSv3: 7.5), an information disclosure vulnerability that allows an authenticated user to perform information disclosure through network access and CVE-2024-39825 (CVSSv3: 8.5), a buffer overflow that allows an authenticated user to conduct an escalation of privilege using network access. Affected applications are Zoom Workplace Desktop App, Zoom Workplace VDI Client, Zoom Workplace App for Android and iOS, and Zoom Rooms Application for Windows, Mac, and iPad.

A judge has issued a ruling on the SEC's suit against SolarWinds. There are wins and losses for both sides, and lessons for the industry in the judge's words.