Security Bulletin

Major data brokerage firm LexisNexis Risk Solutions had information from over 364,000 individuals stolen following a Christmas cyberattack against GitHub, which the company uses for software development, according to TechCrunch.

Cisco Secure Access - DNS Defense is a seamless pathway to our Universal ZTNA solution. Learn how it works in the blog.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Consilium Safety Equipment: CS5000 Fire Panel Vulnerabilities: Initialization of a Resource with an Insecure Default, Use of Hard-coded...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Instantel Equipment: Micromate Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this...

CISA released five Industrial Control Systems (ICS) advisories on May 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-148-01 Siemens SiPass ICSA-25-148-02...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Ehsaan Mavani, an ISC intern as part of the SANS.edu BACS program]

Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption.