Security Bulletin

Cisco partnered with BBC StoryWorks’ Human Component series to showcase three of our nonprofit partners who are using technology to create human connections. Read—and watch—to be inspired by their impact.

Microsoft partners with the global security researcher community to surface and report security vulnerabilities to protect all users of Microsoft products and services. Researcher submissions help us address immediate threats while also identifying...

The nation-state espionage group known for attacking Pakistan has expanded its reach to targets in Egypt and Sri Lanka.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

IBM’s Cost of a Data Breach 2024 report revealed AI-driven defenses significantly lower breach expenses.

Clutch Security is the latest cybersecurity startup looking to secure and manage non-human identity.

According to the study, around 400 stolen GenAI credentials are being sold by threat actors per day.

With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.

It is a coordinated effort involving multiple threat clusters, each with toolsets and tactics to maintain long-term access.

Microsoft researchers said attackers sought to gain full administrative privileges on ESXi servers via Active Directory.

Yesterday, Apple released patches across all of its operating systems. A standalone patch for Safari was released to address WebKit problems in older macOS versions. Apple does not provide CVSS scores or severity ratings. The ratings below are based...