Today, Microsoft fixed a known issue breaking VPN connections across client and server platforms after installing the April 2024 Windows security updates. [...]
Microsoft has fixed a known issue causing NTLM authentication failures and domain controller reboots after installing last month's Windows Server security updates. [...]
Apple has released security updates to fix a zero-day vulnerability in the Safari web browser exploited during this year's Pwn2Own Vancouver hacking competition. [...]
VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest. [...]
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. [...]
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns. [...]
Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. [...]
Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday. [...]
The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization's systems on Christmas Eve. [...]
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week. [...]
Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. [...]
The Government of British Columbia is investigating multiple "cybersecurity incidents" that have impacted the Canadian province's government networks. [...]
Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a "cyber security event." [...]
F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, which can be exploited to gain admin control and create rogue accounts on any managed assets. [...]
The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. [...]
Microsoft has confirmed that last month's Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service (LSASS) process crashes. [...]