Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)
VMware has fixed two critical (CVE-2022-31706, CVE-2022-31704) and two important (CVE-2022-31710, CVE-2022-31711) security vulnerabilities in VMware vRealize Log Insight, its …
How to tackle the cybersecurity skills shortage in the EU
The cybersecurity skills shortage is a global problem, but each region – including Europe or, more specifically, the EU – has distinct problems it has to tackle to …
Most consumers would share anonymized personal data to improve AI products
Despite a difficult economic environment, organizations continue to invest in privacy, with spending up significantly from $1.2 million just three years ago to $2.7 million …
GoTo now says customers’ backups have also been stolen
GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, …
Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)
Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching – among other things – a type confusion flaw in the WebKit component …
BSidesZG 2023: Strengthening the infosec community in Croatia’s capital
In March 2023, Zagreb will be added to the (already long) list of cities where information security professionals and enthusiasts can share their knowledge with peers at a …
NSA publishes IPv6 Security Guidance
The National Security Agency (NSA) published guidance to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with …
ENISA gives out toolbox for creating security awareness programs
The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a “do it yourself” toolbox to help organizations …
Extent of reported CVEs overwhelms critical infrastructure asset owners
The sheer volume of reported ICS vulnerabilities and CVEs may cause critical infrastructure asset owners to feel overwhelmed, or need help knowing where to begin, according to …
Trained developers get rid of more vulnerabilities than code scanning tools
An EMA survey of 129 software development professionals uncovered that for those using code scanning tools, only 10% of organizations prevented a higher percentage of …
Week in review: Critical git vulnerabilities, increasingly malicious Google Search ads
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cacti servers under attack by attackers exploiting CVE-2022-46169 If you’re …
New infosec products of the week: January 20, 2023
Here’s a look at the most interesting products from the past week, featuring releases from CloudSEK, Devo Technology, Immuta, Varonis, and Zyxel Networks. CloudSEK BeVigil app …
Featured news
Sponsored
Don't miss
- Cybercriminals used a gaming engine to create undetectable malware loader
- ESET researchers analyze first UEFI bootkit for Linux systems
- QScanner: Linux command-line utility for scanning container images, conducting SCA
- Choosing the right secure messaging app for your organization
- Zero-day data security