Security Bulletin

NIST developed new quantum-resistant cryptographic standards, but operationalizing these standards will require more work.

MSPs love how Cisco solved the complex challenges facing the MSP community. Exciting things are coming in 2025 to help MSPs streamline and simplify offerings.

Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Agriculture (USDA) released Phishing-Resistant Multi-Factor Authentication (MFA) Success Story: USDA’s FIDO Implementation. This report details how USDA...

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by MITRE, has released the 2024 CWE Top 25 Most Dangerous Software Weaknesses...

Today, CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) released updates to #StopRansomware: BianLian Ransomware Group on observed tactics, techniques, and...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability CVE-2024-38813 VMware vCenter Server...

Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.

DeepTempo's Tempo is a deep learning-based Snowflake native app that allows organizations to detect and respond to evolving threats directly within their Snowflake environment.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

RIIG is a risk intelligence and cybersecurity solutions provider offering open-source intelligence solutions designed for zero-trust environments.

The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California Polytechnic State University-San Luis Obispo; Cosumnes River College; DARK Enterprises...