Security Bulletin

It's never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now makes it easy to take advantage of those who stumble upon it.

Tracking metrics like MTTR, MTTD, MTTP, and MTTC can demonstrate the effectiveness of your patch management process and your value to the business.

Defenders have been left scrambling after the way patches were released for six flaws in the open source mail server, which is the most popular mail transfer agent on the Internet.

A recent thread on the bind-users mailing list discussed an issue with QNAME minimization and Spamhaus's DNS servers. We have created a GitLab issue about it, but the issue appears to be non RFC-compliant responses from Spamhaus's DNS servers. This...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

While it's tempting to dismiss Russian hacktivist DDoSing as all sizzle and no steak, experts warn the cyberattacks can cause serious damage -- and are poised to become more and more dangerous

While CVE-2023-40044 is critical, threat watchers hope it won't be another MOVEit for customers of Progress Software's file transfer technology.

Researchers found 164 domains connected to a single threat actor located in Tehran.

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Thousands of messages are being sent weekly in a campaign that uses links hosted on legitimate websites to evade natural language processing and URL-scanning email protections.

Combining robust decryption and orchestration of encrypted traffic with threat prevention is crucial to staying ahead of attackers.