Security Bulletin

Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Despite its good intentions, many experts said the bill took a flawed approach to regulating AI safety.

Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space.

A team of security researchers discovered a vulnerability that allows for Kia cars to be remotely compromised with nothing more than a license plate number.

CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well.

The cyberattackers allegedly stole information from US campaign officials only to turn around and weaponize it against unfavored candidates.

The US Federal Energy Regulatory Commission spells out what electric utilities should do to protect their software supply chains, as well as their network "trust zones."

For development teams awash in vulnerability reports, reachability analysis can help tame the chaos and offer another path to prioritize exploitable issues.

Midsize accounting firm takes nearly a year to notify customers of a breach.

One of the problems I've had since I originally wrote mac-robber.py [ 1][ 2][ 3] seven years ago is that because of the underlying os.stat python library we couldn't get file creation times (B-times). Since the release of GNU...