vulnerability
Defending against Windows RDP attacks
In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in the number …
Bitcoin Security Rectifier app aims to make Bitcoin more secure
A computer science engineer at Michigan State University has a word of advice for the millions of bitcoin owners who use smartphone apps to manage their cryptocurrency: …
Cloud native adoption increasing security concerns
Cloud native adoption has both transformed the way organizations build modern applications and resulted in increased security threats and concerns, according to a research by …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
Is it OK to publish PoC exploits for vulnerabilities and patches?
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …
Defeating typosquatters: Staying ahead of phishing and digital fraud
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most …
Secure your cloud: Remove the human vulnerabilities
Training to increase employees’ security awareness and change risky behaviours among end users is important, particularly as the future workplace will be hybrid and many …
Healthcare organizations implementing zero trust to tackle cyberattacks
It is widely known that the healthcare industry is a primary target for cyberattack, with increasingly sophisticated and highly-motivated adversaries seeking to exploit both …
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …
What is threat modeling and why should you care?
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system …
Researchers develop program that helps assess encryption systems’ vulnerabilities
Anastasia Malashina, a doctoral student at HSE University, has proposed a new method to assess vulnerabilities in encryption systems, which is based on a brute-force search of …
Penetration testing leaving organizations with too many blind spots
While organizations invest significantly and rely heavily on penetration testing for security, the widely used approach doesn’t accurately measure their overall security …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?