Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively …
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Packaged apps to set up test labs The …
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using …
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …
Twilio confirms data breach after its employees got phished
Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some …
Understanding your attack surface is key to recognizing what you are defending
In this interview with Help Net Security, Marc Castejon, CEO at Silent Breach, discusses what organizations should be worried about at the moment, and what technologies they …
5 key things we learned from CISOs of smaller enterprises survey
As business begins its return to normalcy (however “normal” may look), CISOs at small and medium-size enterprises (500 – 10,000 employees) were asked to share their …
Cyberattacks on healthcare organizations negatively impact patient care
Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple …
Data privacy regulation a top three challenge for IoT adopters
Fears over security have become less of a concern for organizations adopting IoT solutions than it was five years ago, according to a recent study by Wi-SUN Alliance, a global …
What Black Hat USA 2022 attendees are concerned about
Black Hat released its Supply Chain and Cloud Security Risks Are Top of Mind survey. The report highlights important findings from more than 180 of experienced cybersecurity …
Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Browser synchronization abuse: Bookmarks as a covert data exfiltration …
New infosec products of the week: August 5, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Claroty, Fortinet, Qualys, Scrut Automation, Sony, and VIPRE Security. Qualys …
Featured news
Sponsored
Don't miss
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality