Security Bulletin

More recent intrusions by the APT41-linked threat group — which were confirmed to hit Italy, Qatar, and the United Arab Emirates and suspected to compromise Romania and Georgia — involved the targeting of internet information services and other...

After infiltrating Kootenai Health's IT systems on Feb. 22, the ransomware operation spent 10 days to facilitate the theft of patients' full names, birthdates, Social Security numbers, government ID numbers, and driver's licenses, as well as medical...

Aside from spearheading the first-ever ransomware-as-a-service operation Reveton along with co-conspirators also charged in the U.S. in 2011, Silnikau also led the Angler exploit kit, which had been leveraged in malvertising campaigns against U.S...

Intrusions exploiting the flaw, which has been patched but not detailed as part of the June Patch Tuesday update, could be launched remotely by attackers who have obtained interactions from targeted users, according to Microsoft.

Learn how Cisco’s User Protection Suite provides fast and secure connection to applications, even while traveling.

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the...

By giving users specific feedback on recent attacks and offering interactive forums, companies can keep their staffs up-to-speed on the latest threats.

The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.

The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.

One of my hunting rules hit on potentially malicious PowerShell code. The file was an MSI package (not an MSIX, these are well-known to execute malicious scripts[ 1]). This file was a good old OLE package:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

While there are smart people and good leaders in other fields, we need to cultivate and grow leaders from the existing cybersecurity workforce, too.