Security Bulletin

Nearly 150 S3 buckets previously leveraged by cybersecurity firms, governments, Fortune 500 companies, and open source projects could be re-registered with the same AWS account name to facilitate executable and/or code injections in the deployment...

This campaign primarily targets finance, accounting, and sales professionals, aiming to steal sensitive data.

Initial network appliance compromise and operation under root privileges will be verified before the deployment of the "libssdh.so" SSH library for data exfiltration and command-and-control communications and the "mainpasteheader" and...

Join the conversation with Adele Trombetta and see why she's excited about what Customer Experience has in store for Cisco Live EMEA this year in Amsterdam.

Wiz has dominated the cloud startup market for several years, but there are lesser-known startups that offer some very targeted cloud security products.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors...

Organizations continue to be at high risk from cybercrime in Africa, despite law enforcement takedowns of cybercriminal syndicates in Nigeria and other African nations.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The flaw enabled authentication bypass by spoofing, with a proof-of-concept exploit available.

Fraud groups are using cutting-edge technology to scale their operations to create fake identities and execute fraud campaigns.

The security startup's autonomous security remediation platform uses off-the-shelf large language models (LLMs) to analyze security alerts and apply the fixes.