Security Bulletin

Cisco’s Zero Trust Network Access (ZTNA) approach ensures secure, seamless access to apps and devices with zero trust. With ZTNA, Cisco IT now has flexibility, visibility, and protection for critical assets anywhere.

In diary entry " Formbook Delivered Through Multiple Scripts", Xavier mentions that the following line:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The finger.exe command is used in ClickFix attacks.

The SANS Holiday Hack Challenge™ 2025 is available.

Like many have reported, we too noticed exploit attempts for CVE-2025-64446 in our honeypots.

The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors.

A public dataset and platform-agnostic analysis tool aim to help organizations in the fight against Apple-targeted malware, which researchers say has lacked proper attention.

A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them down.

A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol.

Amazon Web Services VP Sara Duffer highlights the top lessons she brought back to her security role after taking part in Amazon's shadow program.

Most enterprises use more than 1,000 apps, according to ESG research, yet about half are integrated with IGA. Industry innovations enable teams to expand app coverage and get more IGA value.