Security Bulletin

The misconfiguration revealed more than 106 million records with U.S. citizens' private information and over 2.3 million MC2 Data subscribers' data.

After obtaining initial access via local or domain account exploitation, Twelve proceeds to leverage Remote Desktop Protocol to facilitate further infrastructure penetration, as well as utilize other tools, including Cobalt Strike, Chisel, Mimikatz...

Such a development comes less than a week after the confirmed exploitation of the high-severity operating system command injection bug in CSA, tracked as CVE-2024-8190, which was believed to have been used alongside another vulnerability due to its...

Aside from leveraging spear-phishing emails, Earth Baxia also exploited the recently addressed critical GeoServer GeoTools flaw, tracked as CVE-2024-36401.

Look for large state governments like New York to lead the way in addressing many of healthcare’s cybersecurity issues, not Congress.

While going over a batch of phishing e-mails that were delivered to us here at the Internet Storm Center during the first half of September, I noticed one message which was somewhat unusual. Not because it was untypically sophisticated or because it...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

The Ukrainian government banned the Russian-owned Telegram app for official communications.

The FOCAL plan outlines baselines to synchronize cybersecurity priorities and policies across, as well as within, agencies.

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.