Security Bulletin

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

[This is a Guest Diary by Sihui Neo, an ISC intern as part of the SANS.edu BACS program]

In the heart of Australia’s capital, the Canberra Institute of Technology (CIT) is setting an of how education can evolve to meet the challenges of today while preparing students for the opportunities of tomorrow. Through a bold commitment to digital...

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

At Cisco Live, Wyebot’s AI-powered sensors gave the Cisco team full visibility into attendee Wi-Fi experience, helping ensure flawless connectivity in one of the most demanding wireless environments.

Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.

An impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the increased sophistication of and national security threat posed by the AI technology.

There are several reasons why one would set up an internal certificate authority. Some are configured to support strong authentication schemes, some for additional flexibility and convenience. I am going to cover the second part. In particular, it...

To help counter crime, today's organizations require a cyber-defense strategy that incorporates the mindset of the cybercriminal.

Though the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.

From data fog to threat clarity: Automating security analytics helps security teams stop fighting phantoms and respond to what matters.