So much of the technology showcased at CES includes gadgets made to improve consumers’ lives — whether by leveraging AI to make devices that help people become more efficient, by creating companions to cure loneliness or by providing tools that help people with mental and physical health. But not all innovation is good, according to […]

As we look ahead to the New Year and think about what we are going to prioritize from a security and threat intelligence perspective, it struck me that it is the same problem of old with which we are challenged: collaborating and communicating more effectively to share vital intelligence in the face of ever-growing threats […]

Palo Alto Networks on Wednesday announced patches for multiple vulnerabilities in the Expedition migration tool, including a high-severity bug leading to sensitive information disclosure. A free tool previously known as the Migration Tool, Expedition allows organizations to migrate from other firewall vendors to the Palo Alto Networks NGFW platform. Designed as a temporary migration solution […]

Excelsior Orthopaedics is notifying approximately 357,000 people that their personal and health information was compromised in a data breach resulting from a ransomware attack that came to light in June 2024. Operating several clinics in Amherst, New York, including the Buffalo Surgery Center and Northtowns Orthopaedics, Excelsior Orthopaedics is a healthcare company that specializes in […]

Google Cloud’s Mandiant has linked the exploitation of a newly patched Ivanti VPN zero-day vulnerability to Chinese cyberspies. Ivanti alerted customers on Wednesday that two vulnerabilities, tracked as CVE-2025-0282 and CVE-2025-0283, have been patched in its Connect Secure (ICS) VPN appliances.  CVE-2025-0282, a critical stack-based buffer overflow that allows unauthenticated remote attackers to execute arbitrary […]

Embattled IT software vendor Ivanti on Wednesday raised an alarm for a pair of remotely exploitable vulnerabilities in its enterprise-facing products and warned that one of the bugs has already been exploited in the wild. The high-severity vulnerabilities, tagged as CVE-2025-0282 and CVE-2025-0283, allow unauthenticated remote attackers to launch code execution and privilege escalation attacks. […]

Following the arrest of its CEO last summer, Telegram has been increasingly sharing user data at the request of authorities, according to data collected by researchers.  French authorities arrested Telegram CEO Pavel Durov, a dual citizen of France and Russia, in August 2024 as part of an investigation into criminal activities facilitated by the privacy-focused […]

Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures. The National Police Agency said its analysis on the targets, methods and infrastructure […]

In recent years, tighter security budgets and macroeconomic headwinds have created a need to optimize security spend. In this fiscal environment, security teams find themselves being asked to identify areas in which spend can be optimized. In other words, where can the same or improved ends be achieved through reduced means? One important part of this endeavor […]

Japanese electronics giant Casio has completed its investigation into the data breach caused by a recent ransomware attack and found that thousands of individuals are impacted. The company revealed in early October 2024 that some systems had failed and some services had been disrupted as a result of unauthorized access to its network.  A few […]