For the latest discoveries in cyber research for the week of 18th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Canadian House of Commons has suffered a data breach. The incident resulted in unauthorized access to a database containing employees’ names, office locations, email addresses, and information on House-managed computers and…
ISC Stormcast For Monday, August 18th, 2025 https://isc.sans.edu/podcastdetail/9574, (Mon, Aug 18th) Source link
ISC Stormcast For Friday, August 15th, 2025 https://isc.sans.edu/podcastdetail/9572, (Fri, Aug 15th) Source link
As the world gradually adopts and transitions to using 5G for mobile, operational technology (OT), automation and Internet-of-Things (IoT) devices, a secure 5G network infrastructure remains critical. Recently, the Automated Systems SEcuriTy (ASSET) Research Group have released a new framework named SNI5GECT [pronounced as Sni-f-Gect (sniff + 5G + inject)] that enables users of the…
The cybersecurity landscape evolves relentlessly, with new adversaries and threats emerging daily. For organizations navigating these challenges, reactive responses are no longer enough. It’s about moving from complex, disconnected data streams to proactive, autonomous solutions with actionable intelligence. This is where Agentic AI stands out. It empowers businesses to stay ahead of adversaries through rapid…
When Windows Management Instrumentation (WMI) classes fail, it can disrupt critical security operations by causing vulnerability scans to miss important data and compliance reports to lack accuracy. These issues may lead to gaps in visibility, making it harder for security teams to maintain a comprehensive understanding of their environment. By addressing WMI class failures proactively,…
ISC Stormcast For Thursday, August 14th, 2025 https://isc.sans.edu/podcastdetail/9570, (Thu, Aug 14th) Source link
[This is a Guest Diary by Joseph Noa, an ISC intern as part of the SANS.edu BACS program] Introduction Time is of the essence when it comes to attacks and understanding what you’re seeing can be tricky when under pressure. As security professionals, we need to use every tool available to us so we can…
One of the key messages broadcasted by security professionals is: “Patch, patch and patch again!”. But they are nasty vulnerabilities that remain exploited by attackers even if they are pretty old. CVE-2017-11882 is one of them: this remote code execution affects Microsoft Office and, more precisely, the good old “Equation Editor”. This tool was even killed…
ISC Stormcast For Wednesday, August 13th, 2025 https://isc.sans.edu/podcastdetail/9568, (Wed, Aug 13th) Source link
