For providers

Stealthier attacks have been facilitated by threat actors through the utilization of several strategically positioned internet-connected GEOBOX devices.

Microsoft 365 and Gmail accounts have been increasingly targeted with attacks leveraging the new Tycoon 2FA phishing-as-a-service kit.

Top.gg GitHub organization, which is commonly leveraged for Discord servers, and other GitHub developers have been compromised in a new software supply chain attack campaign that involved browser cookie exfiltration and malicious PyPi package publication.

Attacks commenced with the delivery of malicious emails with PDF attachments linking to file-sharing site-hosted documents, which when opened fetches an MSI installer-containing ZIP archive that prompts Atera Agent installation.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Data memory-dependent prefetching can enable side-channel extraction of cryptographic secrets.

Curious about environmental reporting? Learn how it helps increase transparency and trust, and helps promote best practices.

Solutions Engineer Marcio Costa created a Q&A bot in Webex by integrating it with ChatGPT using OpenAI APIs. Follow along as Marcio explains how he learned the basics of APIs, practiced with Cisco DevNet Learning Labs, and used Webex Connect to create workflows and automation using APIs to make the process much simpler and faster.