Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)
Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. …
The two words you should never forget when you’re securing a cloud
When cloud providers sell their services, they know their customers are thinking about cybersecurity – that’s why providers tend to tout their impressive accreditations …
A robust security strategy starts with the hardware
Intel released the results of a study exploring how organizations approach security innovation in an increasingly digital world to stay ahead of the evolving threat landscape. …
The perils of SaaS misconfigurations
The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS …
Consumers feel data leakage is inevitable so many have stopped caring
Imperva releases findings from a global study on consumer perceptions of data privacy and trust in digital service providers. In an increasingly digital world, consumers feel …
2021 average ransoms paid by quarter was $167K, down 44.2%
In reviewing the evolving cyber risk landscape, a Corvus Insurance report includes a breakdown of the impact of zero-days and third-party risk, updates on ransom severity, …
Independent security audits are essential for cloud service providers. Here’s why
As more companies outsource IT infrastructure to third-party providers and adopt cloud-based collaboration tools, the need for partners that deliver strong protection and …
Product showcase: Enclave – using zero trust network access to simplify your networks
A huge number of Internet-accessible systems are protected by the principle of connect, then authenticate. This includes VPNs, web applications, databases, Windows Servers …
Cybersecurity is getting harder: More threats, more complexity, fewer people
Splunk and Enterprise Strategy Group released a global research report that examines the security issues facing the modern enterprise. More than 1,200 security leaders …
Lack of data readiness threatens digital transformation in healthcare
A majority of healthcare leaders have established digital transformation as a top priority spurred by the pandemic, yet they’re facing a chronic, underlying challenge that’s …
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried …
Featured news
Sponsored
Don't miss
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality