vulnerability
Why XSS is still an XXL issue in 2021
Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a …
VPN attacks up nearly 2000% as companies embrace a hybrid workplace
Nuspire released a report which outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from Recorded Future. “As companies …
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Ransomware attackers are leveraging old SonicWall SRA flaw (CVE-2019-7481)
Since the beginning of the year, various cyber attackers leveraged a slew of zero-day vulnerabilities to compromise different SonicWall solutions. Crowdstrike now warns that a …
Quantum computing is imminent, and enterprises need crypto agility now
Nearly 100 years ago, the first quantum revolution ushered in the technological advances that have made our modern life possible. Advances in quantum physics led to the …
Most mobile finance apps vulnerable to data breaches
77% of financial apps have at least one serious vulnerability that could lead to a data breach, an Intertrust report reveals. This report comes at a time where finance mobile …
Application security approaches broken by rising adoption of cloud-native architectures
The rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security, a survey of 700 CISOs by Coleman …
IT service desks lacking user verification policy, putting businesses at risk
48% of organizations don’t have a user verification policy in place for incoming calls to IT service desks, according to Specops Software. The information was uncovered as …
Critical vulnerabilities identified in CODESYS ICS automation software
Researchers have identified 10 vulnerabilities in CODESYS automation software for industrial control systems. Some are of high and critical severity. “The vendor rated …
Threat intelligence: The biggest blind spot for CISOs
More than 90 percent of CISOs rely on outdated, report-based threat intelligence that is often too old to inform decisions, according to Cybersixgill. The survey also found …
EUCC receives first EU cybersecurity certification scheme
In July 2019, the EUCC was the first candidate cybersecurity certification scheme request received by the EU Agency for Cybersecurity (ENISA) under the Cybersecurity Act. This …
Endpoint complexities leaving sensitive data at risk
Absolute Software announced key findings from its report which shines a light on key trends affecting enterprise data and device security, and underscores the dangers of …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act