Virtual patching: Cut time to patch from 250 days to <1 day
Unpatched vulnerabilities are responsible for 60% of all data breaches. The Department of Homeland Security has estimated that the proportion of breaches stemming from …
How Mirel Sehic relies on simplicity to focus on product security
If you are developing a modern medical, manufacturing, or logistics facility, there’s no doubt that a large portion of your investment was made into the electronic aspects of …
Data loss prevention company hacked by Tick cyberespionage group
ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, …
Exfiltration malware takes center stage in cybersecurity concerns
While massive public data breaches rightfully raise alarms, the spike in malware designed to exfiltrate data directly from devices and browsers is a key contributor to …
Top 50 most impersonated brands by phishing URLs
Today, phishing is the fastest growing Internet crime, and a threat to both consumers and businesses. Finance, technology, and telecom brands were the most commonly …
Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice
There is a consensus among MSPs and MSSPs that vCISO services pose an excellent opportunity for a new revenue stream, but how do you successfully do that? Watch this panel …
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …
CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs
Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …
Product showcase: Permit.io – Application-level permissions with a no-code UI
Managing user access in applications has always been a headache for any developer. Implementing policies and enforcing them can prove to be quite complex, and very …
Organizations need to re-examine their approach to BEC protection
BEC attacks are growing year over year and are projected to be twice as high as the threat of phishing in general, according to IRONSCALES and Osterman Research. 93% of …
Security in the cloud with more automation
Hopefully, you’ve been working with the Center for Internet Security (CIS) on securing your cloud infrastructure for a while now. Initially, you might have used our CIS …
Kali Linux 2023.1 released – and so is Kali Purple!
OffSec (formerly Offensive Security) has released Kali Linux 2023.1, the latest version of its popular penetration testing and digital forensics platform, and the release is …