Security Bulletin

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a...

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...

Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21412 Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability CVE-2024-21351 Microsoft...

Ransomware expert warns public disclosure gives Rhysida opportunity to strengthen encryption.

Here’s three ways we can create more diversity into cybersecurity and fulfill the staffing needs the industry desperately requires.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The developers behind a widespread worm are nesting further into networks by exploiting Windows escalation opportunities faster than organizations can patch them.

TechCrunch reports that Oklahoma-based casino and hotel resort WinStar had its customers' sensitive data inadvertently leaked by an exposed database owned by Nevada software startup Dexiga, which developed the casino resort giant's My WinStar app.

Updated Raspberry Robin malware emerges Several updates have been introduced to the Raspberry Robin malware, also known as QNAP worm, including its usage of two new exploits for one-day vulnerabilities, tracked as CVE-2023-36802 and CVE-2023-29360...