Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
[This is a Guest Diary by Eric Roldan, an ISC intern as part of the SANS.edu BACS program]
Meta’s smart glasses promise privacy “designed for you” – but everything they record was being beamed off to workers in Nairobi to label by hand.
A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy's platform for managing fleets of WordPress websites.
Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.
ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors.
xlabs_v1 botnet exploits ADB port 5555 to recruit IoT devices, enabling 21 DDoS methods and bandwidth-tiered attacks on gaming servers
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system.
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery.
Disc Soft Limited, the maker of DAEMON Tools Lite, confirmed that the software had been trojanized in a supply chain attack and released a new, malware-free version.
The company raised another $35 million as an extension to its previously announced Series C funding round.
Backups don't fail because they're missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery.
The startup will invest in expanding its training categories, optimizing video generation, and growing its partnership ecosystem.
