Thousands of internet-facing VMWare vCenter servers are still impacted by critical vulnerabilities despite patches being released weeks ago, warn researchers. The vulnerabilities impact the centralized management utility Center Server. VMWare issued patches for the two critical bugs on May 25, however, not all servers have adhered to recommendations and implemented

Beijing has been engaged in a battle for public opinion for several years, aggressively promoting a positive vision of China to counter criticisms for its involvement in human rights violations, intellectual property theft, currency manipulation, its engagement with Taiwan and the South China Sea disputes, and its suspected involvement in the COVID-19 outbreak.  In 2017, senior Party leaders acknowledged that “the main battlefield for public opinion” occurs on the extensive borderless Internet where people receive their news, express their thoughts, and promote and argue their political and ideological viewpoints.  Beijing understands how the Internet is essential in disseminating China-friendly narratives, while at the same time deflecting criticisms and reassigning blame.  In essence, it is how Beijing seeks to preserve its image while tarnishing those of others.

Sol Oriens, a US subcontractor for the Department of Energy that works on nuclear weapons was hit by a cyberattack last month that was allegedly the work of the infamous REvil ransomware gang. REvil posted a statement to its website that states that the malicious organization boasts the right to

Over 110,000 fake websites and online marketplaces advertising fraudulent pharmaceuticals have been shut down as part of an international crackdown on fake pharma sites, according to the global policing organization Interpol. Interpol states that the operation, deemed Operation Pangea XIV, involved customs, law enforcement, and regulatory officers from 92 different

McDonald’s has suffered from a data breach that has impacted customers and employees located in South Korea and Taiwan. The breach, which was the result of a cyberattack, also affected company operations in the United States. An unauthorized third party allegedly broke into the system of McDonald’s Cope. and accessed

Game theory, the study of competition and conflict, tells us there are two types of games: Finite Games and Infinite Games. Understanding that cybersecurity, like espionage, is an infinite game, should inform our all our actions in cyberspace. This post provides suggested considerations for businesses, individuals and governments seeking advantage in this infinite game.

Gaming giant Electronic Arts has suffered from a major data breach that includes details pertaining to game source code and tools for several popular games. Cybercriminals claimed to have breached the company in blog posts published on underground hacking forums. These posts advertised 780GB of data for sale. EA later

APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the

On Thursday, the US Department of Justice announced that a multinational operation had led to the seizure of Slilpp, a massive and popular marketplace for selling online logins and credentials. At the time of the takedown, authorities note that there were more than 80 million login credentials for sale used

US retailer Carter’s has suffered from a data leak that exposed the personally identifiable information (PII) of hundreds of thousands of customers. However, unlike many data leaks, the incident was not the result of an unsecured bucket or misconfigured cloud storage system, rather the leak was caused by relaxed security