Lenovo fixed flaws threat actors could have used to disable UEFI Secure Boot, a system guarding against malicious code execution, in Lenovo Notebooks.

Speakers at a new conference hosted by cybersecurity firm Mandiant highlighted the challenge the government faces in motivating companies to report attacks on critical infrastructure.

‘Tis the season for holiday gifts and shopping! To avoid waiting in lines and traffic, many people opt out of going to malls and choose to shop online. 

Attackers are using VPN servers to gain access, and then SSH and RDP to spread through networks.

Federal agencies are under a binding operational directive to address exploitable security vulnerabilities in their software, but the success of CISA’s effort relies on the cooperation of software vendors.

The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 123,000 individuals.