I have been so grateful for my experience with ISA over the past 45 years.
I started my automation career with a stubborn machine, a relay panel and a $350 PLC + HMI combo.
Cisco has reported exploitation in the wild of two 0-day vulnerabilities affecting Cisco Adaptive Security Appliance (ASA), CVE-2025-20333 and CVE-2025-20362, allowing RCE and local privilege...
Introduction Some time in 2024, during a Project Zero team discussion, we were talking about how remote ASLR leaks would be helpful or necessary for exploiting some types of memory corruption...
The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity. The post CISA says it observed nearly...
Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco is a leading technology company best known for its networking...
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive. The post CISA alerts federal agencies of...
Premier US government cyber conference previews AI on offense, on defense, and as a target
Hazel celebrates unseen effort in cybersecurity and shares some PII. Completely unrelated, but did you know “Back to the Future” turns 40 this year?
Cisco published advisories and a supplemental post about three zero-day vulnerabilities, two of which were exploited in the wild by an advanced threat actor associated with the ArcaneDoor...
A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing...
We are further hardening Cloudflare Workers with the latest software and hardware features. We use defense-in-depth, including V8 sandboxes and the CPU's memory protection keys to keep your data safe.
Over the past year, Bitdefender researchers have been monitoring a persistent malicious campaign that initially spread via Facebook Ads, promising “free access” to TradingView Premium and other...
We dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection.
Malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers
The wait is almost over. The final Digital Personal Data Protection (DPDP) Rules are just days away, marking the next big step after the enactment of the DPDPA in 2023. With only a few days left,...
In September 2024, French retailer Cultura was the victim of a cyber attack they attributed to an external IT service provider. The resultant data breach included almost 1.5M unique email...
Discover what 520+ security leaders revealed about AI in threat intelligence. Explore key use cases, trust levels, and how AI is transforming cybersecurity operations.
BRICKSTORM is a Go backdoor (with SOCKS proxying) deployed preferentially on Linux/BSD network and edge appliances that often lack EDR coverage. Attackers favor devices like VMware vCenter/ESXi as...
SonicWall has disclosed a security incident affecting its MySonicWall cloud backup service. Threat actors conducted brute force attacks on the MySonicWall.com portal and gained unauthorized access...
7 proven practices for adopting a positive security model and making it stick
Posted by Elie Bursztein and Marianna Tishchenko, Google Privacy, Safety and Security TeamEmpowering cyber defenders with AI is critical to tilting the cybersecurity balance back in their favor as...
Researchers said Thalha Jubair was a principal operator, leading or directing many attacks attributed to the hacker subset of The Com since 2022. The post Teen arrested in UK was a core figure in...
Written by: Sarah Yoder, John Wolfram, Ashley Pearson, Doug Bienstock, Josh Madeley, Josh Murchie, Brad Slaybaugh, Matt Lin, Geoff Carstairs, Austin Larsen Introduction Google Threat Intelligence...
The researchers who uncovered the “very, very advanced adversary” behind the malware said it could be a big problem years into the future. The post Brickstorm malware powering ‘next-level’ Chinese...
After a year since we started enabling Automatic SSL/TLS, we want to talk about these results, why they matter, and how we’re preparing for the next leap in Internet security.
The Secret Service’s takedown in New York shines a light on a type of threat that is technically fascinating and deeply concerning for national security: large-scale cellular interception networks...
The Secret Service’s takedown in New York shines a light on a type of threat that is technically fascinating and deeply concerning for national security: large-scale cellular interception networks...
What happens when you bring in a team of cybersecurity responders? How do we turn chaos into control, and what is the long-term value that Talos IR provides to the organizations we work with?
Virtual Private Networks (VPNs) have been the go-to solution for securing remote access to banking systems for decades. They created encrypted tunnels for employees, vendors, and auditors to...