来自顶级安全媒体的最新动态
The cybersecurity industry’s beloved “purple team” concept is broken by design. According to data from CISA KEV, VulnCheck KEV, and ExploitDB, the mean time from ...
Thousands of schools and universities across the United States and Canada were thrust into disarray this week after the popular learning management system (LMS) Canvas, developed b...
A federal jury in Virginia has convicted 39-year-old Richmond resident James E. Thornton on multiple charges stemming from a 2023 cyber intrusion that resulted in the deletion of 9...
A recent analysis of more than 25 million security alerts collected from a dozen global security operations centers (SOCs) over a six‑month period reveals that low‑severity events ...
Modern threat actors launch campaigns that generate thousands of alerts per hour, leaving security operations centers (SOCs) drowning in data. Even with a larger team of analysts, ...
On March 15, 2023, a federal jury in the Eastern District of Virginia found Austin M. Collins, 34, of Arlington, Virginia, guilty of one count of conspiracy to commit computer frau...
Organizations often believe that securing a retainer with a reputable incident response (IR) firm or pre‑approving an external provider is sufficient to survive a cyber crisis. Whi...
Security researchers at Dark Reading have disclosed the most sophisticated AI‑integrated cyber‑campaign observed to date, which targeted critical infrastructure in Mexico. The oper...
Modern cyber‑threats have evolved beyond the initial breach, with adversaries now targeting backup systems, encryption keys, and recovery pipelines to maximize impact. A new webina...
The Hacker News (THN) has officially opened the call for entries for the Cybersecurity Stars Awards 2026, an initiative designed to shine a spotlight on the behind‑the‑scenes work ...
Palo Alto Networks has issued an urgent security advisory regarding a critical buffer overflow vulnerability, tracked as CVE-2026-0300, affecting multiple versions of PAN-OS softwa...
Cisco has released patches for a high‑severity denial‑of‑service (DoS) vulnerability affecting its Crosswork Network Controller and Network Services Orchestrator (NSO) products. Tr...
Acronis researchers have documented a systematic shift in ransomware operations: before triggering encryption, threat actors now deliberately cripple backup infrastructure. Their 2...
hackmyip.com will host a live webinar titled "Why Network Incidents Escalate and How to Fix Response Gaps" on March 15, 2025 at 2:00 PM EST. The session will feature Alex Rivera, s...
Palo Alto Networks issued an emergency advisory on Tuesday warning customers that a critical, as‑yet‑unpatched remote‑code‑execution (RCE) flaw in the PAN‑OS User‑ID Authentication...
The UC Berkeley Center for Long-Term Cybersecurity (CLTC) has launched a dedicated research hub designed to bridge the cybersecurity gap for schools, local governments, and non‑pro...
When Alex Rivera, "CISO of Globex Systems", commissioned a penetration test in Q3 2023, his first decision was to define a precise scope that included internal VLAN segmentation, c...
On 12 March 2026, Taiwanese authorities arrested a 23‑year‑old university student for allegedly compromising the TETRA (Terrestrial Trunked Radio) communication network that underp...
An international law enforcement coalition dubbed 'Operation Crypto Shield,' led by the FBI, Europol, and China's Ministry of Public Security, has achieved a landmark victory again...
Kaseya announced a live webinar titled “Why MSPs must rethink security and backup strategies” scheduled for June 15, 2026 at 2:00 PM ET. The session, hosted by Kaseya’s Product Mar...
Microsoft has confirmed that the security updates released on April 2026 for Windows are causing serious failures in third‑party backup applications that rely on the psmounterex.sy...
On March 24, 2026, Microsoft Defender began flagging legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha after a signature update. The detection impacted multiple...
The U.S. Department of Justice announced that two former cybersecurity professionals have each been sentenced to four years in federal prison for their roles in enabling BlackCat r...
Instructure, the company behind the widely used Canvas learning management system, disclosed on March 2 2026 that it had identified a cyber incident affecting its internal infrastr...
Criminal IP, a provider of exposure‑based threat intelligence, announced a partnership with Securonix to embed its rich contextual data directly into the Securonix ThreatQ platform...
Microsoft has resolved a long‑standing rendering bug that caused newly added Remote Desktop Protocol (RDP) file security warnings to appear malformed on Windows 10 (versions 20H2, ...
A federal court has sentenced two former cybersecurity incident response professionals to four years in prison each for their roles in conducting BlackCat (ALPHV) ransomware attack...
Oracle Red Bull Racing has launched a sweeping automation initiative aimed at embedding security directly into the team’s high‑velocity development pipelines. With the pit wall and...
In the past, security teams could count on a brief, predictable window between the disclosure of a vulnerability and the release of a patch. That buffer has all but vanished as AI-...
A Chinese national linked to the Silk Typhoon advanced persistent threat (APT) group has been handed over to U.S. authorities after being arrested in Italy in July 2025. Xu Zewei, ...
On March 12, 2024, former incident‑response negotiator David Mercer entered a guilty plea in the U.S. District Court for the Eastern District of New York to one count of conspiracy...
The U.S. Coast Guard has issued a set of updated cybersecurity requirements under the Maritime Transportation Security Act (MTSA), signaling a heightened focus on protecting operat...
The U.S. Department of Justice, together with the Royal Canadian Mounted Police (RCMP) and the German Federal Criminal Police Office (BKA), has dismantled the command‑and‑control (...
Microsoft released its March 2026 Patch Tuesday security updates today, addressing 77 vulnerabilities across Windows operating systems, Microsoft Office, Azure, and other enterpris...
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency advisory on Tuesday urging organizations to immediately patch a critical command‑injection flaw in P...