Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key factors for effective security automation In this Help Net Security …
New infosec products of the week: July 28, 2023
Here’s a look at the most interesting products from the past week, featuring releases from BreachRx, Darktrace, Dig Security, Panorays, and SeeMetrics. Panorays unveils …
Blocking access to ChatGPT is a short term solution to mitigate risk
For every 10,000 enterprise users, an enterprise organization is experiencing approximately 183 incidents of sensitive data being posted to ChatGPT per month, according to …
CISOs consider zero trust a hot security ticket
The majority of organizations are on the road to implementing a zero trust framework to increase their overall security risk posture, according to PlainID. However, only 50% …
A step-by-step guide for patching software vulnerabilities
Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in …
Why are computer security guidelines so confusing?
If you find the computer security guidelines you get at work confusing and not very useful, you’re not alone. A new study highlights a key problem with how these guidelines …
Key factors for effective security automation
Harnessing the potential of automation in cybersecurity is key to maintaining a robust defense against ever-evolving threats. Still, this approach comes with its own unique …
UAC: Live response collection script for incident response
Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, …
Cryptojacking soars as cyberattacks increase, diversify
Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall …
SEC adopts new cybersecurity incident disclosure rules for companies
The Securities and Exchange Commission (SEC) today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an …
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While …
Enterprises should layer-up security to avoid legal repercussions
The role of CISO these days requires a strong moral compass: You have to be the one speaking up for the protection of customer data and be ready to handle uncomfortable …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users