Security Bulletin

After conducting a DNS poisoning attack against the ISP, StormBamboo leveraged vulnerable HTTP software update mechanisms without digital signature validation to facilitate the installation of MACMA and MgBot malware to Windows and macOS systems.

Mark Weatherford, a seasoned cybersecurity professional with a distinguished career in both the public and private sectors, shares his perspectives on the evolving landscape of governance, risk management, and compliance (GRC).

Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world.

Cisco XDR turns one year old. Here is the backstory of how we developed relationships and alliances with “competitors” to have the open ecosystem of today.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-0824 Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are...

The scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation and tempting them with a purported good deal on a Audi Q7 Quattro SUV.

While bringing on an early-adopter security tool presents some risk for a CISO, it’s often a good choice for the right organization.

We are excited to announce that this year the Microsoft Bounty Program has awarded $16.6M in bounty awards to 343 security researchers from 55 countries, securing Microsoft customers in partnership with the Microsoft Security Response Center (MSRC)...

Threat actors like to make detection and analysis of any malicious code they create as difficult as possible – for obvious reasons. There are any number of techniques which they may employ in this area, nevertheless, the one approach, that is...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

When I wrote about the internal file format of protected spreadsheets, I mentioned a simple 16-bit hash for .xls files in diary entry " 16-bit Hash Collisions in .xls Spreadsheets" and a complex hash based on SHA256 for .xlsx files in diary entry "...

Plan your route to Cisco certification success with insights, tips, and advice from our experts.