Humans are still better than AI at crafting phishing emails, but for how long?
Humans are still better at crafting phishing emails compared to AI, but not by far and likely not for long, according to research conducted by IBM X-Force Red. Creating …
Quishing: Tricks to look out for
QR code phishing – aka “quishing” – is on the rise, according to HP, Darktrace, Malwarebytes, AusCERT, and many others. What are QR codes? QR codes are …
OT cyber attacks proliferating despite growing cybersecurity spend
The sharp increase in attacks on operational technology (OT) systems can be primarily attributed to two key factors: the escalating global threats posed by nation-state actors …
GOAD: Vulnerable Active Directory environment for practicing attack techniques
Game of Active Directory (GOAD) is a free pentesting lab. It provides a vulnerable Active Directory environment for pen testers to practice common attack methods. GOAD-Light: …
Ransomware groups continue to increase their operational tempo
Q3 of 2023 continued an ongoing surge in ransomware activity, according to GuidePoint Security. GuidePoint Research and Intelligence Team (GRIT) observed a nearly 15% increase …
CISOs struggling to understand value of security controls data
Many CISOs are grappling with the conundrum of the purpose and value of security controls data in supporting critical business decisions, according to Panaseer. The biggest …
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)
The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental …
VMware patches critical vulnerability in vCenter Server (CVE-2023-34048)
VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its …
What is operational risk and why should you care? Assessing SEC rule readiness for OT and IoT
The newly released Security and Exchange Commission (SEC) cyber incident disclosure rules have been met with mixed reviews. Of particular concern is whether public companies …
Security leaders have good reasons to fear AI-generated attacks
Generative AI is likely behind the increases in both the volume and sophistication of email attacks that organizations have experienced in the past few months, and it’s …
Consumers are taking action to protect their privacy
Younger consumers are taking deliberate action to protect their privacy, as 42% of consumers aged 18-24 exercise their Data Subject Access Rights, compared with just 6% for …
1Password also affected by Okta Support System breach
Following in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. “On September 29, we …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users