Ransomware threats continue to be many criminals’ weapon of choice for reliably shaking down victims small, medium, and large, in pursuit of a safe, easy and reliable payday.

The Confidential Computing Consortium’s new Gramine Project is introducing its production-ready version – Gramine 1.0 – to enable the protection of sensitive workloads with Intel SGX.

In a security advisory, Mozilla’s announced that several security issues in its Firefox browser have been fixed. Several of these vulnerabilities were listed as having a high impact.

Financial institutions will be required to explain their information-sharing practices and designate a single qualified individual to oversee their information security program.

CISA has issued this year’s first binding operational directive (BOD) ordering federal civilian agencies to mitigate security vulnerabilities exploited in the wild within an aggressive timeline.

Microsoft 365’s Jon Maunder said its “specially built to bring enterprise-grade endpoint security to businesses with up to 300 employees, in a solution that is easy-to-use and cost-effective.”

The cybersecurity body reiterated that there is “no specific, credible threat to election infrastructure” but noted that they are “ready to provide cyber incident response and expertise if needed.”

ESET reported a new variant of the Hive ransomware that is targeting Linux and FreeBSD operating systems. Written in Go, the malware appears to be under development. Hive is known to target processes related to backups and antivirus or anti-spyware and terminates them.

Balikbayan Foxes, aka TA2722, a new highly sophisticated threat actor, found targeting organizations globally by impersonating the Philippines government and businesses. All the campaigns were found distributing Remcos or NanoCore RATs. Security professionals and organizations are recommended to track this threat to avoid any surprises.

A now-patched critical RCE vulnerability in GitLab’s web interface is being actively exploited in the wild, rendering a large number of internet-facing GitLab instances susceptible to attacks.