With database attacks on the rise, how can companies protect themselves?
Misconfigured or unsecured databases exposed on the open web are a fact of life. We hear about some of them because security researchers tell us how they discovered them, …
How to build up cybersecurity for medical devices
Manufacturing medical devices with cybersecurity firmly in mind is an endeavor that, according to Christopher Gates, an increasing number of manufacturers is trying to get …
Review: Practical Vulnerability Management: A Strategic Approach to Managing Cyber Risk
Andrew Magnusson started his information security career 20 years ago and he decided to offer the knowledge he accumulated through this book, to help the reader eliminate …
How do I select a data storage solution for my business?
We live in the age of data. We are constantly producing it, analyzing it, figuring out how to store and protect it, and, hopefully, using it to refine business practices. …
Three immediate steps to take to protect your APIs from security risks
In one form or another, APIs have been around for years, bringing the benefits of ease of use, efficiency and flexibility to the developer community. The advantage of using …
Review: ThreadFix 3.0
Maintaining a strong organizational security posture is a demanding task. Most best practices – e.g. CIS Controls, the OWASP Vulnerability Management Guide – …
The lifecycle of a eureka moment in cybersecurity
It takes more than a single eureka moment to attract investor backing, especially in a notoriously high-stakes and competitive industry like cybersecurity. While every …
Hardware security: Emerging attacks and protection mechanisms
Maggie Jauregui’s introduction to hardware security is a fun story: she figured out how to spark, smoke, and permanently disable GFCI (Ground Fault Circuit Interrupter – …
Cybersecurity lessons learned from data breaches and brand trust matters
Your brand is a valuable asset, but it’s also a great attack vector. Threat actors exploit the public’s trust of your brand when they phish under your name or when they …
Measuring impact beyond a single incident
Determining the true impact of a cyber attack has always and will likely be one of the most challenging aspects of this technological age. In an environment where very limited …
Using virtualization to isolate risky applications and other endpoint threats
More and more security professionals are realizing that it’s impossible to fully secure a Windows machine – with all its legacy components and millions of potentially …
Credential stuffing is just the tip of the iceberg
Credential stuffing attacks are taking up a lot of the oxygen in cybersecurity rooms these days. A steady blitz of large-scale cybersecurity breaches in recent years have …
Featured news
Resources
Don't miss
- Banshee Stealer variant targets Russian-speaking macOS users
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
- GitLab CISO on proactive monitoring and metrics for DevSecOps success
- Sara: Open-source RouterOS security inspector
- Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd