enterprise
Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
The patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich …
How security leaders can build emotionally intelligent cybersecurity teams
How a leader motivates their team, gathers, and uses information, makes decisions, manages change initiatives, and handles crises is referred to as “leadership style”, and is …
How to develop a skilled cybersecurity team
What skills should aspiring information security workers possess and work on? What certifications can come in handy more than others? What strategies should organizations …
40% fell victim to a phishing attack in the past month
The global shift to remote work has exacerbated the onslaught, sophistication, and impact of phishing attacks, according to Ivanti. Nearly three-quarters (74%) of respondents …
Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …
What’s next on the agenda for Chief Compliance Officers?
As demands on the compliance function grow more intense, Chief Compliance Officers (CCOs) must proactively embrace new leadership responsibilities for their role and …
Gmail increases email security by adding support for BIMI
Organizations who deploy Domain-based Message Authentication, Reporting, and Conformance (DMARC) will, from now on, be able to increase Gmail recipients’ trust in the …
How to improve your organization’s Active Directory security posture
Active Directory (AD), a directory service developed by Microsoft for Windows domain networks, is most organizations’ primary store for employee authentication and …
Why are companies in the SAP S/4HANA transformation holding back?
For SAP’s estimated 35,000 ERP customers worldwide, it’s not a question of whether they will migrate to S/4HANA – but when and how. A recent study by LeanIX …
Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot (BIOS/UEFI) environment, …
Virtual machines hide ransomware until the encryption process is done
The use of virtual machines (VMs) to run the malicious payload is getting more popular with ransomware attackers, Symantec’s Threat Hunter Team claims. Ransomware deployed in …
New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype