Security Bulletin

More than 100 organizations in the U.S. and Europe have been subjected to a far-reaching StrelaStealer malware attack campaign aimed at exfiltrating email account credentials that peaked from late January to early February, BleepingComputer reports.

In the modern manufacturing landscape, operational simplicity is paramount. Cloud platforms streamline processes, reduce costs, and foster innovation, empowering companies to navigate complexity with agility and resilience.

One China-linked threat actor boasted of compromising hundreds of organizations using the known vulnerabilities.

Discover how the latest version of Cisco Catalyst Center reduces risk by integrating with Cisco Lifecycle Services’ Success Tracks to enable predictable business outcomes by combining the best Catalyst Center telemetry, orchestration, and automation...

Certificate management The Stork server generates its CA (Certificate Authority) and will use it to then generate its own server certificate and also any certificates needed for agents that will connect to it. This is done automatically and does not...

Cisco’s Executive Leadership Team (ELT) is building on its strong foundation. Eyal Dagan will step into a new role as EVP of Strategic Projects, to ensure our innovation and leadership in the technology industry remains strong, and Martin Lund will...

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent, well-publicized exploitation of SQL injection...

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 Ivanti Endpoint Manager Cloud...

Companies need to update their security awareness training efforts to meet the new realities of Generative AI.

I am TA-ing for Taz for the new SANS FOR577 class again and I figured it was time to release some fixes to my le-hex-to-ip.py script that I wrote up last fall while doing the same. I still plan to make some additional updates to the script to be able...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The reason I extracted a PE file in my last diary entry, is that I discovered it was the dropper of a Cobalt Strike beacon @DebugPrivilege had pointed me to. My 1768.py tool crashed on the process memory dump. This is fixed now, but it...