
LastPass extensions can be made to cough up passwords, deliver malware
LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer. The flaws …

Deception security doesn’t have to be onerous or expensive
When talking about deception security, most infosec pros’ mind turns to honeypots and decoy systems – additional solutions that companies have to buy, deploy, and …

How the Necurs botnet influences the stock market
After a three-months-long partial hiatus, the Necurs botnet is back to flinging spam emails left and right. But unlike before the break, when it was mostly delivering the …

Online banking customers remain extremely frustrated with passwords
A new survey by iovation and Aite Group, polled nearly 1,100 consumers across four generations who use online and/or mobile banking platforms to better understand their …

Software development teams embrace DevSecOps automation
Mature development organizations ensure automated security is woven into their DevOps practice, early, everywhere, and at scale, according to Sonatype. The adoption of DevOps …

Hybrid IT is becoming a standard enterprise model
Dimension Data research of 1,500 IT decision makers from multiple vertical industries across the US, Europe, Asia-Pacific and South Africa, reveals that hybrid IT is becoming …

Burglars can easily make Google Nest security cameras stop recording
Google Nest’s Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that’s in their Bluetooth range, a …

US to ban electronic devices from airplane cabins on some US-bound flights
With a (now deleted) tweet, Royal Jordanian Airlines has jumped the gun on a new ban by the US government expected to be announced on Tuesday: air travellers to the US from …

Offer of nude celeb photos turns Twitter users into spammers
If not careful, Twitter users who are dead set on seeing nude photos of WWE star Paige will end up on marketers’ spam lists and with their own Twitter account pushing …

Managing third-party risk: Dominant trends
One in five organizations has faced significant risk exposure due to a third party in the last 18 months. Of those who shared loss data, 25% said that the loss impact was …

Even a cybersecurity firm can fall for a W-2 phishing scam
US Tax Day (April 18) is quickly approaching, and scammers are hard at work to get what they can before the set tax season deadline. The US IRS is warning about last-minute …

Hijacking Windows user sessions with built-in command line tools
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)