enterprise
Cloud adoption and security are not mutually exclusive
As organizations continue to adopt cloud services to achieve their desired business objectives, many don’t realize that the thing that makes cloud computing great – …
How to improve the hiring and retaining of infosec professionals?
The cybersecurity staffing and skills shortage is a well-known reality and the situation is predicted to get worse in the coming years. There are many problems There are …
True passwordless authentication is still quite a while away
The password has been one of the great inventions in the history of computing: a solution that allowed simple and effective identity and access management when the need arose …
Researcher releases PoC code for critical Atlassian Crowd RCE flaw
A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution …
A fileless campaign is dropping the Astaroth info-stealer
Attackers are delivering the Astaroth info-stealing backdoor by leveraging a combination of fileless malware and “living off the land” techniques, …
Google delivers new G Suite security tools
Google has announced several new security tools for G Suite admins and users, as well as a new 2FA option: one-time security codes based on security keys. Email security …
Ransomware disrupts worldwide production for Belgian aircraft parts maker
ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around …
Lack of visibility and IT staff availability: The main challenges of enterprise decentralization
As enterprise IT reckons with fundamental changes to their networking infrastructure, teams are being stretched to the limit, requiring a new approach to network monitoring …
BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable
Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable …
How mainstream media coverage affects vulnerability management
For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has …
If you haven’t yet patched the BlueKeep RDP vulnerability, do so now
There is still no public, working exploit code for CVE-2019-0708, a flaw that could allow an unauthenticated remote attacker to execute remote code on a vulnerable target …
How to write an effective data breach notification?
Data breach notifications sent by companies to affected customers are often unclear and not very helpful, University of Michigan researchers have found. The problem(s) The …
Featured news
Resources
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype