Security Bulletin

Internet service restoration efforts are already being conducted alongside Roskomnadzor, the country's communications regulator, noted ASVT, which has named Ukraine's IT Army hacktivist operation as the perpetrator of the intrusion.

Attackers who infiltrated Wiles' phone were able to impersonate the official in text messages and calls to senators, governors, and business executives across the country, according to a report from The Wall Street Journal, which cited statements...

Information exfiltrated during the Thanksgiving intrusion had been leveraged by attackers to facilitate threatening extortion techniques against cancer patients, according to the class action.

Investigation into the incident, which did not significantly affect post-acute care facilities, is already underway, noted Covenant Health.

Included in the stolen dataset were individuals' email addresses, mobile numbers, TikTok user IDs, usernames, nicknames, biographies, avatar URLs, profile links, account flags, and other metrics, according to Often9.

While the Canonical apport package flaw, tracked as CVE-2025-5054, could be leveraged to facilitate data leaks through PID-reuse, the systemd-coredump bug, tracked as CVE-2025-4598, could be abused to force crash a SUID process that would be replaced...

Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.

The US needs to establish a clear framework to provide reasonable guardrails to protect its interests — the quicker, the better.

Cisco Secure Workload serves as a foundational solution for organizations seeking to implement an effective microsegmentation strategy.

Flexibility, collaboration, and modularity are defining the next wave of enterprise IT Enterprise infrastructure strategy is entering a new phase—one where the goal is no longer just centralization or consolidation, but intelligent distribution. IT...

CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability CVE-2023-39780 ASUS RT-AX55 Routers OS Command...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.