Security Bulletin

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

One out of every 1,000 devices it encounters have either been rooted (Android) or jailbroken (iOS).

A massive cybercrime network known as "VexTrio" is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme.

The Amazon Nova AI Challenge puts student research to the test and aims to bring a new perspective to challenges arising from the increase in AI-assisted software development.

Deserialization vulnerability that could let attackers run a remote code execution (RCE).

Cybersecurity vendors say threat actors' abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.

Our API (https://isc.sans.edu/api) continues to be quite popular. One query we see a lot is lookups for individual IP addresses. Running many queries as you go through a log may cause you to get locked out by our rate limit. To help with that, we now...

The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.

Today, connectivity is no longer a form of aid; instead, it’s often necessary to even receive aid. Beneficiary registration, digital cash, relief benefits, and social service applications all require secure connectivity— and Cisco helps deliver this...

While most of the browser-based phishing attempts involved the spoofing of Microsoft, Facebook, and Netflix.

All six actions have since been consolidated, and the consolidated class action complaint was filed on November 7, 2024.