Security Bulletin

By using brief, plain clues in their prompts that are likely to influence the app to query older models, a user can downgrade ChatGPT for malicious ends.

NCC Group's David Brauchler III shared how foundational controls and threat modeling strategies can help secure agentic AI tools in ways traditional guardrails can't.

New research highlights how threat actors abuse legitimate virtual private server offerings in order to spin up infrastructure cheaply, quietly, and fast.

Quick recovery relies on three security measures.

With ten days off to volunteer through our Time2Give program, $10,000 in matching donations, and tens of thousands employees participating, Cisconians are empowered to turn Purpose into action. See our impact in FY25, and what's ahead for FY26.

Teenaged security researchers Sasha Zyuzin and Ruikai Peng discuss how their new vulnerability discovery framework leverages LLMs to address limitations of the past.

Attackers will continue to evolve, and the help desk will always be a target. But with the right mix of training, support, and trust, frontline agents can become your biggest security assets.

Logging netflows provided valuable insight about attacker tactics during a breach by state-sponsored hackers targeting Columbia's research labs.

DARPA's Kathleen Fisher discusses the AI Cyber Challenge at DEF CON 33, and the results that proved how automation can help patch vulnerabilities at scale.

A lot of people like the command line, the CLI, the shell (name it as you want) because it provides a lot of powerful tools to perform investigations. The best example is probably parsing logs! Even if we have SIEM to ingest and process them, many...

At one point, Al-Tahery Al-Mashriky was hacking thousands of websites within the span of three months while stealing personal data and sensitive information.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.