Security Bulletin

With its comprehensive passive/listener-based utilities for initial access and lateral movement, UNC1860 may have supported Iranian hacking attacks with the BABYWIPER malware against Israel last October and intrusions with the ROADSWEEP malware...

For companies undergoing digital transformation, overhauling identity and access management is central to the effort. Here are lessons learned from Kyndryl’s journey and how it was aided by its partnership with Okta.

Versa Networks has released an advisory for a vulnerability ( CVE-2024-45229) affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates...

There are many integrations made available by Cisco Security and their tech partners, improving cybersecurity posture and defenses of mutual customers.

An integrated approach to pentesting and bug bounty programs promises to find vulnerabilities that would otherwise get missed.

A 2024. 38. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.09.13. és 2024.09.19. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

How the Kimsuky nation-state group and other threat actors are exploiting poor email security — and what organizations can do to defend themselves.

Mastercard's $2.65 billion deal to acquire the threat intelligence provider will boost the credit-card company's AI-based cybersecurity protection capabilities.

Disconnects between IT departments and executive boards drive “alarming” cybersecurity trends.

The criminal hackers are behind at least 30 cybercrime scams, including malware, phishing and cryptocurrency fraud.