Please turn on your JavaScript for this page to function normally.
cyber war readiness
Why cyber war readiness is critical for democracies

Once the war in Ukraine ends, Russia’s offensive cyber capabilities will be directed towards other targets, Rik Ferguson, VP Security Intelligence for Forescout, …

IRISSCON 2023
Photos: IRISSCON 2023

IRISSCON, the annual cybercrime-themed conference organized by the Irish Reporting and Information Security Service (IRISS), was held in Dublin, Ireland, on November 16, 2023. …

lock
From PKI to PQC: Devising a strategy for the transition

Quantum computers capable of breaking currently used encryption algorithms are an inevitability. And since the US, China and Europe are sprinting to win that arms race, we …

Juniper Networks
Juniper networking devices under attack

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are …

open-source software
Open-source vulnerability disclosure: Exploitable weak spots

Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are …

Okta breach post mortem reveals weaknesses exploited by attackers

The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our …

atlassian confluence
Atlassian Confluence data-wiping vulnerability exploited

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …

Microsoft launches new initiative to augment security

Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost …

ransomware
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)

Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …

F5
F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has …

MITRE ATT&CK
MITRE ATT&CK v14 released

MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. …

Atlassian
Atlassian patches critical Confluence bug, urges for immediate action (CVE-2023-22518)

Atlassian is urging enterprise administrators to update their on-premises Confluence Data Center and Server installations quickly to plug a critical security vulnerability …

Don't miss

Cybersecurity news