Security Bulletin

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q3...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

If exploited, bad actors can execute arbitrary code while evading detection thanks to a renamed process.

The vulnerability affects all versions prior to v0.68.0 and highlights the risks organizations assume when consuming open source software and code.

Cybersecurity is not "one size fits all." Employers, recruiters, and managers need to embrace neurodiversity through inclusive hiring practices, tailored training programs, and adaptive management styles.

Without DMARC, campaigns remain highly susceptible to phishing, domain spoofing, and impersonation.

The newly introduced SailPoint Identity Graph represents a significant advancement in how organizations can visualize and manage identity security.

GoDaddy flagged a ClickFix campaign that infected 6,000 sites in a one-day period, with attackers using stolen admin credentials to distribute malware.

Back in June of 2010, The Electronic Frontier Foundation (EFF) released the first beta release of the "HTTPS Everywhere" plugin [1]. Even then, most websites offered HTTPS. But unlike today, HTTP was often still the default, and HTTPS was not always...