Mandiant researchers identify a range of victims affected in attacks targeting newly reported Microsoft Exchange Server vulnerabilities.

The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks.

Website admins should patch all plugins, WordPress itself and back-end servers as soon as possible.

The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.

Elite Russian forums for cybercriminals have been hacked in a string of breaches, leaving hackers edgy and worried about law enforcement.  

Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack.

Newly discovered tools were designed for late-stage use after the attackers had already established a relatively firm presence on a breached network, vendors say.

A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.

Original release date: March 4, 2021

The National Security Agency (NSA) and CISA have released a Joint Cybersecurity Information (CSI) sheet with guidance on selecting a protective Domain Name System (PDNS) service as a key defense against malicious cyber activity. Protective DNS can greatly reduce the effectiveness of ransomware, phishing, botnet, and malware campaigns by blocking known-malicious domains. Additionally organizations can use DNS query logs for incident response and threat hunting activities.

CISA encourages users and administrators to consider the benefits of using a protective DNS service and review NSA and CISA’s CSI sheet on Selecting a Protective DNS Service for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk.