Security Bulletin

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a...

We can keep data secure, but we have to overcome perception and cultural issues and develop standards and more effective tools.

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q2...

Keylogging is a pretty common feature of many malware families because recording the key pressed on a keyboard may reveal a lot of interesting information like usernames, passwords, etc. Back from SANSFIRE, I looked at my backlog...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

NoName057(16) functions as a hacktivist crew primarily carrying out politically motivated DDoS attacks.

After years of delays, Google ditched its plan to kill cookies, instead opting to let users make an “informed choice.”

Q&A with Cisco’s own Scott McGregor on the ongoing impact of Cisco’s Social Justice beliefs and actions and what comes next.

Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine's military operations in myriad ways.

The cohort's variety of individual tools covers just about any operating system it could possibly wish to attack.

Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.

Industrial manufacturers should take steps to protect Modbus devices and segment networks.