
How do I select a pentesting solution for my business?
Given the number of vulnerabilities that have gone global in the past few years, enterprises can’t afford to keep relying on reactive security. Just hoping that an alert …

Why the rapid transition to cloud demands that DevOps shift left
To accommodate remote work policies amid COVID-19, companies have increasingly adopted the public cloud to support off-site business continuity. A MarketsandMarkets analysis …

Attackers are exploiting Cisco ASA/FTD flaw in search for sensitive data
An unauthenticated file read vulnerability (CVE-2020-3452) affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software is being exploited by …

Internet security is improving, but exposures still run rampant
Rapid7’s research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, …

How do I select a SIEM solution for my business?
A Security Information and Event Management (SIEM) solution collects and analyzes activity from numerous resources across your IT infrastructure. A SIEM can provide …
Rapid7 to acquire DivvyCloud to help enterprises accelerate innovation
Rapid7, a leading provider of security analytics and automation, announced that it has entered into a definitive agreement to acquire DivvyCloud, a leader in Cloud Security …

Actively exploited MS Exchange flaw present on 80% of exposed servers
Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don’t have to look hard to find a server they can …

Photo gallery: Black Hat USA 2019, part two
Black Hat USA 2019 is underway in Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: Bugcrowd, Sumo Logic, Devo Technology, Akamai, …

Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets
We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been …

Photos: Infosecurity Europe 2019 expo floor
Infosecurity Europe 2019 is taking place this week in London. Here’s a view of the expo floor, the featured vendors include: Qualys, Anomali, Wandera, Proofpoint, …

February 2019 Patch Tuesday: PrivExchange hole plugged
For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe …

Retail and finance top the list of vulnerable industries, increasingly targeted with credential threat campaigns
The finance, professional, and information sectors had the highest volume and most variety of malicious activity in Q2 2018, says Rapid7, and the manufacturing sector is …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars