Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)
A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the …
Product showcase: The Intruder vulnerability management platform
Vulnerability scanning is a fundamental component of every good cyber security strategy – but it can be challenging to get right. Intruder created a vulnerability management …
Most startups have cyber insurance but are uncertain about how much risk is covered
Despite the significant economic headwinds startups currently face – from a challenging fundraising landscape to inflation woes and difficult operational decisions – company …
Security is no longer an internal affair
67% of respondents to a recent survey indicated their company had lost a business deal due to the customer’s lack of confidence in their security strategy. Dimensional …
Week in review: Rackspace outage, Kali Linux 2022.4 released, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Rackspace Hosted Exchange outage was caused by ransomware Rackspace has …
December 2022 Patch Tuesday forecast: Fine-tuning the connectivity
Microsoft wrapped up a lot of ‘loose ends’ last month with their November set of updates, but there is still some work to do before the end-of-year holiday season. The …
New infosec products of the week: December 9, 2022
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Arkose Labs, Kudelski Security, Lepide, OPSWAT, Palo Alto Networks, and …
Research reveals where 95% of open source vulnerabilities lie
New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from …
PCI Secure Software Standard 1.2 released
PCI Security Standards Council (PCI SSC) published version 1.2 of the PCI Secure Software Standard and its supporting program documentation. The PCI Secure Software Standard …
Leveraging the full potential of zero trust
More than 90% of IT leaders who have started migrating to the cloud have implemented, are implementing, or are planning to implement a zero-trust security architecture, …
Apple unveils end-to-end encryption for iCloud backup, Photos, etc.
Apple is expanding end-to-end encryption options for users and finally offering E2EE for their iCloud backup. Advanced Data Protection for iCloud “iCloud already …
Cybercriminals are scamming each other, tipping off law enforcement
Cybercriminals are scamming each other out of millions of dollars and use arbitration to settle disputes about the scams, according to Sophos. For this report, Sophos experts …
Featured news
Sponsored
Don't miss
- Cybercriminals used a gaming engine to create undetectable malware loader
- ESET researchers analyze first UEFI bootkit for Linux systems
- QScanner: Linux command-line utility for scanning container images, conducting SCA
- Choosing the right secure messaging app for your organization
- Zero-day data security