Security Bulletin

Why Joe Sullivan feels paying off attackers was a way of solving the problem.

Volunteering at a community radio station showed Collaboration Demo Practice Lead Richard H. how collaboration brings communities together and transforms lives.

Our ability to impact billions of lives lies in our ability to scale. We’re now expanding our areas of focus to impact entire communities through our Social Impact, Networking Academy, and Country Digital Acceleration programs — to address systemic...

Explore how Cisco crafts AI security experiences, addressing LLM evaluation, prioritization of initiatives, and balancing cost, quality, and latency.

Today, CISA released the draft Secure Cloud Business Applications (SCuBA) Google Workspace (GWS) Secure Configuration Baselines and the associated assessment tool ScubaGoggles for public comment. The draft baselines offer minimum viable security...

CISA released two Industrial Control Systems (ICS) advisories on December 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-346-01 Schneider Electric Easy UPS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Vendor: Schneider Electric Equipment: Easy UPS Online Monitoring Software Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow elevation of...

Apple has released security updates for Safari, iOS and iPadOS, Sonoma, Ventura, and Monterey to address multiple vulnerabilities. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages...

The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164) in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to...

Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...

Here’s why organizations really need to do a better job managing the identities of their contractors.