Security Bulletin

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Take cybersecurity action with Cisco Learning & Certifications and finish Cybersecurity Awareness Month strong with free Cisco learning offers.

A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.

Despite warnings that sending one-time passwords via text messages is a flawed security measure, companies continue to roll out the approach, especially in consumer-facing applications.

Brasileiro cybercrime has been on the rise. Now, one campaign targeting bank customers has reached beyond the Americas, into Europe.

The investigation is ongoing, and the city will contact those who may have potentially been affected by the breach, it said.

Looking at the top 10 priorities of state CIOs underscores the importance of securing applications and APIs in complex environments.

Okta downplayed the incident, but security researchers point out that the support management system could contain valuable information related to Okta customer support cases.

Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.

A spoofed version of an Israeli rocket-attack alerting app is targeting Android devices, in a campaign that shows how cyber-espionage attacks are shifting to individual, everyday citizens.