Enterprises remain vulnerable through compromised API secrets
Cybersecurity professionals are frustrated over how much time and attention they must devote to API security and worried that their defenses still need to be improved, …
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …
Cyber insurance can offset the risks of potential breaches
SMBs are aware of increasing cyber threats and allocating resources and investing in areas such as network and cloud security, according to Datto. Key takeaways from this …
EU cyber resilience regulation could translate into millions in fines
The EU Commission’s Cyber Resilience Act (CRA) is intended to close the digital fragmentation problem surrounding devices and systems with network connections – from …
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and …
Global instability increases cyber risk, says World Economic Forum
Geopolitical instability is exacerbating the risk of catastrophic cyberattacks, according to the Global Cybersecurity Outlook 2023 report from the World Economic Forum. The …
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
How data protection is evolving in a digital world
Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to …
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
Training, endpoint management reduce remote working cybersecurity risks
33% of companies are not providing any cybersecurity awareness training to users who work remotely, according to Hornetsecurity. The study also revealed that nearly 74% of …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a …
Featured news
Sponsored
Don't miss
- Cybercriminals used a gaming engine to create undetectable malware loader
- ESET researchers analyze first UEFI bootkit for Linux systems
- QScanner: Linux command-line utility for scanning container images, conducting SCA
- Choosing the right secure messaging app for your organization
- Zero-day data security