[This is a Guest Diary by Joseph Flint, an ISC intern as part of the SANS.edu BACS [1] program] Access brokers are groups referred to that obtain initial access in….

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the….

One of the hardest applications to create securely is webmail. E-mail is a complex standard, and almost all e-mail sent today uses HTML. Displaying complex HTML received in an e-mail….

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices’ firmware as well as misconfigured security features. “These….

Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer. “The campaign is global, with Netskope Threat….

Last month, Henry Farrell and I convened the Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024) at Johns Hopkins University’s Bloomberg Center in Washington DC. This is a small, invitational….

An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads. The findings come from….

Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches[1],[2]. While identity-based attacks continue to dominate as….

SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a….