Security Bulletin

The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization.

Microsoft is readying a new release of Windows in 2025 that will have significant security controls, such as more resilient drivers and a "self-defending" operating system kernel.

The vast majority of red team exercises that I (and my team, of course) have been doing lately are assumed breach scenarios. In an assumed breach scenario (and we cover this in the amazing SEC565: Red Team Operations and Adversary Emulation SANS...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

There are many malicious scripts available on the Internet. Github has plenty of info stealers and RATs made available “for testing or research purposes”. Here is one that I found recently: Trap-Stealer[ 1]. Often those scripts are pretty well...

Whether it's detecting fraudulent activity, preventing phishing, or protecting sensitive data, AI is transforming cybersecurity in ridesharing.

Fixes have been released by IBM to address numerous product vulnerabilities, the most serious of which are a pair of high-severity remote code execution bugs in its Data Visualization Manager and Security SOAR offerings, reports SecurityWeek.

Nearly 50% of over 200,000 WordPress sites with the Spam protection, Anti-Spam, FireWall by CleanTalk plugin were discovered to remain impacted by a pair of critical authorization bypass vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781...

SiliconAngle reports that a Netcraft study has revealed an increase in the use of artificial intelligence large language models in crafting fake online stores and deceptive content during the Black Friday shopping period.

Active intrusions involving a critical web security flaw impacting Array Networks AG and vxAG secure access gateways have resulted in the bug's inclusion into the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities...

More than 134,000 cybercrime networks and infrastructures across Africa have been taken down by Interpol and Afripol as part of the massive Operation Serengeti effort, which also resulted in the arrest of 1,006 suspected cybercriminals believed to...