Security Bulletin

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Ivanti products have given us a rich corpus of vulnerabilities in recent months (years). Of course, we do see occasional scans attempting to exploit them. Just today, I spotted two of them. None of them is particularly new, but a reminder to keep...

Disconnected data hurts cybersecurity by preventing clear, real-time insights.

The networking company found liable for illegally gathering user data for targeted advertising by the Irish Data Protection Commission.

Bug bounties of up to $1 million are available for researchers who find flaws in the platform.

Amazon broke up a phishing operation that impersonated thousands of Amazon Web Service (AWS) domains.

Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.

Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.

Eight months after the breach occurred, Change Healthcare has finally sent out millions of notices of compromised data to affected individuals.

Change Healthcare breach viewed as the largest healthcare breach in history.

With industries deep into their digital transformation journeys, identity security is undergoing its own evolution.