Security Bulletin

Deserialization vulnerability that could let attackers run a remote code execution (RCE).

Cybersecurity vendors say threat actors' abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.

Our API (https://isc.sans.edu/api) continues to be quite popular. One query we see a lot is lookups for individual IP addresses. Running many queries as you go through a log may cause you to get locked out by our rate limit. To help with that, we now...

The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.

Today, connectivity is no longer a form of aid; instead, it’s often necessary to even receive aid. Beneficiary registration, digital cash, relief benefits, and social service applications all require secure connectivity— and Cisco helps deliver this...

While most of the browser-based phishing attempts involved the spoofing of Microsoft, Facebook, and Netflix.

All six actions have since been consolidated, and the consolidated class action complaint was filed on November 7, 2024.

Abusing the security issues, which arise from inadequate user input sanitization, could enable threat actors to facilitate system command injections, arbitrary code execution, and eventual ICS hijacking.

Investigation into the incident that concluded last month revealed that infiltration of PSEA's systems on July 6.

Attackers eventually used YouTube and Discord to promote the bogus cracked software downloader ArcanaLoader to facilitate the distribution of Arcane malware.

While SpyX accounted for most of the 1.97 million stolen account records and email addresses obtained by HaveIBeenPwned.

Most impacted by the IT Army's distributed denial-of-service intrusions were Russian regional telecommunications operators.