Security Bulletin

An uptick of ransomware activity by the group in late July that uses the vendor's SSL VPN devices for initial intrusion shows evidence of an as-yet-undisclosed flaw under exploitation.

Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and the deployment of layered technical controls.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Just saw something that I thought was long gone. The username "pop3user" is showing up in our telnet/ssh logs. I don't know how long ago it was that I used POP3 to retrieve e-mail from one of my mail servers. IMAP and various webmail systems...

Random numbers are the cornerstone of cryptographic security — cryptography depends on generating random keys. As organizations adopt quantum-resistant algorithms, it's equally important to examine the randomness underpinning them

Dark Reading's 2025 News Desk marks a decade of Black Hat USA memories. We're making our return with a slate of interviews that help you stay up on the latest research from Black Hat — no trip to Las Vegas required.

As a technical advocate focused on cybersecurity in Learn with Cisco, my mission is to empower our community with the knowledge and tools to thrive in today’s ever-evolving landscape. Few cybersecurity events embody the spirit of innovation and...

Security debt ahoy: only about half of the code that the latest large language models (LLMs) create is cybersecure, and more and more of it is being created all the time.

By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizations can turn security incidents into accelerators of resilience.

When trying to crack your way into a cyber career, true passion and a bold love of the industry is a must, if you want to set yourself apart from hundreds of other job applicants, according to Weave CISO Jessica Sica.

What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it?

ISC2 is launching a 6-course certificate program to address the growing demand for AI security expertise. Courses cover topics such as AI fundamentals, ethics, and risks.