August 2023 Patch Tuesday forecast: Software security improvements
August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ The continued onslaught of phishing attacks, ransomware deployment, and other exploitation is forcing …
New persistent backdoor used in attacks on Barracuda ESG appliances
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection …
Citrix ADC zero-day exploitation: CISA releases details about attack on CI organization (CVE-2023-3519)
The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the …
Thanks Storm-0558! Microsoft to expand default access to cloud logs
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …
U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity
The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less …
White House publishes National Cybersecurity Strategy Implementation Plan
The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, …
Beyond MFA: 3 steps to improve security and reduce customer authentication friction
For many people, life’s fundamental activities are now conducted online. We do our banking and shopping online, turn to the digital realm for entertainment and to access …
20 cybersecurity projects on GitHub you should check out
Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. …
ON2IT adds CISA Zero Trust Maturity Model to AUXO cloud platform
ON2IT announces the addition of the CISA Zero Trust Maturity Model into its Zero Trust as a Service platform, AUXO. Organizations can use ON2IT’s Zero Trust as a Service …
The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals
The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …
Turla’s Snake malware network disrupted by Five Eyes’ authorities
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …
Apple rushes fixes for exploited zero-days in iPhones and Macs (CVE-2023-28205, CVE-2023-28206)
Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. Reported by …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments