Security Bulletin

The Internal Revenue Service was found by the Government Accountability Office to have been lacking oversight on its identity-proofing program using ID.me, reports FedScoop.

Former Cybersecurity and Infrastructure Director Jen Easterly and UK National Cyber Security Centre Founding Director Ciaran Martin have called on private and public cybersecurity organizations to implement a standardized vendor-neutral threat actor...

SP 1800-35 offers 19 examples of how to implement zero-trust architecture (ZTA) using off-the-shelf commercial technologies.

Technical Consulting Engineer Dare A. shares how he balances fatherhood, a cybersecurity career, and grad school with the support of Cisco's culture and benefits.

Cisco has been named a Leader and Fast Mover in GigaOm's Radar for Extended Detection and Response (XDR). Learn what sets Cisco XDR apart in our blog.

Over the weekend, Xavier posted about another image with a payload: " More Steganography!".

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I spotted another interesting file that uses, once again, steganography. It seems to be a trend (see one of my previous diaries[ 1]). The file is an malicious Excel sheet called blcopy.xls. Office documents are rare these days...

The House Democrats asked for a full assessment of the NVD and CVE systems.

Without new frameworks, agentic AI threatens to overwhelm identity systems with complexity and risk.

The multimodal Nytheon AI platform is advertised on criminal forums and Telegram channels.