GitHub has added SMS support and fresh account lockout prevention features to its phased rollout plans as it prepares to implement a 2FA requirement for accounts beginning Monday.

The threat intelligence vendor Flashpoint warned that threat actors are increasingly combining known vulnerabilities, stolen credentials, and exposed data to wreak maximum damage.

A new report, titled "Fog of War: How the Ukraine conflict transformed the cyber threat landscape," offers insights involving the Russian invasion from two of Google's groups -- TAG as well as Trust and Safety -- and subsidiary Mandiant.

Updates for the vulnerabilities are available for VMware vRealize Log Insight in the form of version 8.10.2. VMware also published workarounds as an alternative for affected customers.

The COVID-19 pandemic incentivized the use of virtual platforms for students to attend school remotely, which broadened the attack surface and presented a goldmine of sensitive information belonging to educators and students.

A 2020 ransomware attack against Baltimore County Public Schools began with a contractor error, according to a report released Monday by Maryland's Office of the Inspector General for Education.

Beneath the buzz around tech innovations at CES were discussions about cybersecurity and how to prevent the next generation of tech from being just as vulnerable as the last.

Triple Data Encryption Algorithm is used widely across many industries and in many popular network protocols to encrypt data at rest and data in motion. NIST deprecated the algorithm in 2018, however, and Triple DES use will be disallowed after 2023.

While the number of ransomware attacks disclosed and reported in December did not increase from the previous month, many victims were high-profile companies such as cloud service provider Rackspace.

Approximately 60,000 IP addresses with internet-facing Exchange Server instances are still vulnerable to ProxyNotShell flaw CVE-2022-41082, according to cybersecurity nonprofit Shadowserver Foundation.