Security Bulletin

It is my pleasure to announce the general availability of several new DevNet sandboxes. We’re continuously monitoring sandbox utilization and listening to our community so that we can continuously improve the user experience we are providing with our...

Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity.

The most recent blog from Kunal Hatode focuses on building an AI-native security operations center. Come dive into the details and join the conversation.

Using existing encryption and key management technologies, enterprises can realize quantum-safe encryption today without waiting for implementations.

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23113 Fortinet Multiple Products Format String Vulnerability CVE-2024-9379 Ivanti Cloud Services Appliance...

A few days ago, a new stealthy malware targeting Linux hosts made a lot of noise: perfctl[ 1]. The malware has been pretty well analyzed and I won&#x27t repeat what has been already disclosed. I found a copy of the "httpd" binary (SHA256...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Consumers are victims of online scams and have their data stolen, but they are lagging on adopting security tools to protect themselves.

The ransomware ecosystem continues to fragment, with 31 new “name-and-shame” groups emerging in a year’s time.

Attorneys for Joseph Sullivan argue the jury didn't hear essential facts of the case during the original trial and that his conviction must be overturned.

Threat actors are actively exploiting two of the vulnerabilities, while three others are publicly known and ripe for attack.

A new attack is targeting networks with air-gapped machines