Security Bulletin

Summary Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol. This vulnerability (CVE-2023-44487)...

Here are five pitfalls cloud security teams face and how to avoid them.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

More than 70,000 low-cost Android smartphones, tablets, and connected TV devices from one or more Chinese manufacturers have been compromised by the Badbox cybercriminal operation with the Triada malware prior to being sold to consumers, reports...

Killnet, Anonymous Sudan, along with other groups, pick up up their Middle East activities as war breaks out.

Following the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.

Simulated ransomware attacks aimed to improve healthcare cyber threat mitigation efforts will be conducted by the University of California San Diego School of Medicine's new Center for Health Care Cybersecurity using the $9.5 million grant from the...

Nearly $900 million worth of cryptocurrency had been laundered by North Korea's Lazarus Group through cross-chain bridges from July 2022 to July 2023, making the state-backed hacking operation a primary driver of the 111% growth in proceeds sent...

Major cloud software provider Blackbaud has agreed to pay $49.5 million to 49 U.S. states in an effort to resolve allegations of consumer protection and breach notification law, as well as Health Insurance Portability and Accountability Act...

MGM Resorts has confirmed that customer data had been stolen in a ransomware attack that cost the global hospitality and entertainment company nearly $100 million in total damages, according to The Record, a news site by cybersecurity firm Recorded...