Are your site’s tracking technologies breaking the law?
Two irresistible yet conflicting forces are creating a real risk for businesses that operate on the web, which is every business that exists in 2022. Those forces are tracking …
July 2022 Patch Tuesday forecast: A summertime lull?
June 2022 Patch Tuesday wrapped up a few loose ends we were waiting on. The Follina remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) …
Imagination is key to effective data loss prevention
Security teams have a challenging job. They must manage an ever-expanding attack surface and protect huge volumes of data from bad actors who are constantly evolving their …
Why your API gateway is not enough for API security?
The emergence of cloud computing architectures has caused enterprises to rethink the way applications are scaled. Impetuses were put on companies to get away from deploying …
Is the UK government prepared for its greatest threat?
Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency (CISA), has warned the UK government that they could be the victim of a 9/11-style …
Evolving online habits have paved the way for fraud. What can we do about it?
Information is power, and personally identifiable information (PII) is an extremely powerful asset that is fueling the rapid growth of online fraud (also known as the Digital …
Detection, isolation, and negotiation: Improving your ransomware preparedness and response
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so. Ransomware attacks have …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
7 DevSecOps myths and how to overcome them
DevOps and security teams have long been at odds with each other over the software delivery pipeline. DevOps teams have historically viewed security teams as the “release …
How the blurring of the “supply chain” opens your doors to attackers—and how you can close them
There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …
Board members and the C-suite need secure communication tools
Board members and the C-suite are key targets for cyber-threat actors, due to their access to highly sensitive information. Yet too many of them are putting their …
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …
Featured news
Resources
Don't miss
- The modern CISO is a cornerstone of organizational success
- Best practices for ensuring a secure browsing environment
- Kata Containers: Open-source container runtime, building lightweight VMs
- Why software is the key to FI risk management
- Hottest cybersecurity open-source tools of the month: December 2024