Security Bulletin

Cisco needed to scale its virtual support engineer that assists its technical support teams around the world. By leveraging its own Splunk technology, Cisco was able to scale the AI assistant to… Read more on Cisco Blogs

Cisco IT needed to secure its workforce in a zero trust, user-friendly way that would allow its 130,000 users to securely work anywhere, from any device, without friction. By leveraging its own Duo Passwordless, the team was able to eliminate...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Out-of-Bounds Write, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38475 Apache HTTP Server Improper Escaping of Output Vulnerability CVE-2023-44221 SonicWall SMA100 Appliances OS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: KUNBUS Equipment: Revolution Pi Vulnerabilities: Missing Authentication for Critical Function, Authentication Bypass by Primary Weakness...

CISA released two Industrial Control Systems (ICS) advisories on May 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-121-01 KUNBUS GmbH Revolution Pi ICSMA-25...

CIS Hardened Images are virtual machine images hardened with the globally recognized secure configuration recommendations of the CIS Benchmarks.

A friend asked me if my pngdump.py tool can extract individual bits from an image (cfr. diary entry " Steganography Analysis With pngdump.py").

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Deepfakes and other forms of generative AI may be the catalysts to force a restructuring of the entire U.S. identity system.

The China-linked cyber-operations group, better known as Lotus Panda, uses its own custom malware to focus on government agencies and private companies in Hong Kong, the Philippines, Taiwan, and Vietnam.

Voice firewalls, call authentication and real-time fraud detection offer robust vishing prevention.