Security Bulletin

ALPHV/BlackCat ransomware operation allegedly targeted major U.S. healthcare revenue and payment cycle management provider Change Healthcare.

Cloud environments are being compromised by APT29 not only through previously breached access service account credentials but also via old employee accounts that were not disconnected by organizations.

Learn how you can ingest your cloud-specific vulnerability findings from Amazon Inspector into Cisco Vulnerability Management for effective prioritization.

Companies may file early now, but the filings are mostly generic – striking a balance between early filing and thorough incident reporting remains challenging.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-F Series Vulnerability: Insufficient Resource Pool 2. RISK EVALUATION Successful...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

CISA released two Industrial Control Systems (ICS) advisories on February 27, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-058-01 Mitsubishi Electric Multiple...

Today, CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released an update to the joint advisory #StopRansomware: ALPHV Blackcat to provide new indicators of compromise (IOCs) and tactics...

Cyber threat intelligence demands smart planning and support from key stakeholders. Here are the top priorities, according to IT security professionals.

Starting today, we are doubling the maximum bounty award for the Microsoft 365 Insider Bug Bounty Program to $30,000 USD for high impact scenarios, such as unauthenticated non-sandboxed code execution with no user interaction. We are also expanding...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The Los Angeles International Airport had a database containing 2.5 million records exposed by IntelBroker following a cyberattack against one of its customer relationship management systems conducted this month, reports Hackread.