Security Bulletin

On March 31, 2025 the new PCI 4.0 requirements go into effect. These requirements were future dated to enable organizations the ability to prepare for the adoption.

Cisco’s User Protection Suite now includes Identity Services Engine (ISE), enabling organizations to achieve zero trust for the workplace.

Note: The CVEs in this advisory are unrelated to vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivanti’s Connect Secure, Policy Secure and ZTA Gateways. For more information on mitigating CVE -2025-0282 and CVE-2025-0283, see Ivanti Releases...

CISA, in partnership with the Federal Bureau of Investigation (FBI), released Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications. This advisory was crafted in response to exploitation of vulnerabilities— CVE-2024-8963, an...

Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity systems.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The reversal removes certain reporting requirements for developers of powerful foundation models.

Virginia man faces up 10 years in prison for two counts of willful retention and transmission of classified information.

In a letter sent today, the acting DHS secretary terminated membership to all advisory boards, including the Cyber Safety Review Board (CSRB) tasked with investigating state-sponsored cyber threats against the US.

Sophos noted more than 15 attacks have been reported during the past three months.

The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community.