Security Bulletin

[This is a Guest Diary by Matthew Gorman, an ISC intern as part of the SANS.edu BACS program]

Google will combine existing services bundled with cybersecurity firm Mandiant.

Google Unified Security brings together threat detection, AI-powered security, secure browser features, and Mandiant services, the company said at its Cloud Next conference.

The security teams associated with the 2024 Olympic Games in Paris focused on in-depth penetration testing, crisis management exercises, and collaboration to defend against potential cyberattacks.

A review of the emails involved in the breach is still ongoing, but what has been discovered is enough for the Treasury Department to label it a "major cyber incident."

Attacks on a critical authentication bypass flaw in CrushFTP's file transfer product continue this week after duplicate CVEs sparked confusion.

Several RansomHub affiliate chat portals reportedly went offline last week.

Cybersecurity and policy experts worry that if tariffs give way to a global recession, organizations will reduce their spending on cybersecurity.

Independent bureau of Treasury notified Congress that hack was a “major incident.”

The database company said its Oracle Cloud Infrastructure (OCI) was not involved in the breach. And at least one law firm seeking damages is already on the case.

Threat actors are trolling online forums and spreading malicious apps to target Uyghurs, Taiwanese, Tibetans, and other individuals aligned with interests that China sees as a threat to its authority.

Explore how automation with Cisco Network Services Orchestrator is transforming network compliance for government agencies, enhancing collaboration between NetOps and SecOps teams, and streamlining operations across multi-vendor networks.