Security Bulletin

The US National Institute of Standards and Technology released Security and Privacy Control version 5.2.0 to help organizations be more proactive regarding patching.

Attackers exploited weak TACACS+ encryption to steal credentials and evade detection. Learn how Cisco ISE with TLS 1.3 and Duo MFA closes these backdoors.

In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.

What can almost 2,000 sextortion messages tell us about how threat actors operate and whether they are successful? Let&#x27s find out.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

We uncovered 1,100+ exposed Ollama LLM servers—20% with open models—revealing critical security gaps and the need for better LLM threat monitoring.

A user reported a bug in pdf-parser: when dumping all filtered streams, an error would occur:

Wireshark release 4.4.9 fixes 5 bugs.

Auditing must be seen for what it truly can be: a multiplier of trust, not a bottleneck of progress.

Generating exploits with AI and large language models shrinks the time to target software flaws, giving security teams scant time to patch. Can enterprises adapt?

A 2025. 35. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.08.22. és 2025.08.28. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.