Distractions at work can have serious cybersecurity implications
Distracted employees are twice as likely to do the bare minimum for security at work, according to 1Password. The findings reveal that sustained burnout, now paired with high …
As legislation evolves, businesses need a firm understanding of secure payment options
Despite the constant evolution of the financial landscape, consumers are still prioritizing a seamless and safe payment journey above all else, according to PCI Pal. New …
OSV-Scanner: A free vulnerability scanner for open-source software
After releasing the Open Source Vulnerabilities database (OSV.dev) in February, Google has launched the OSV-Scanner, a free command line vulnerability scanner that open source …
Nosey Parker: Find sensitive information in textual data and Git history
Praetorian has open-sourced the regular expression-based (RegEx) scanning capabilities of its Nosey Parker secret scanning tool. Scanning filesystem content for secrets …
What CISOs consider when building up security resilience
Cybersecurity resilience is a top priority for companies as they look to defend against a rapidly evolving threat landscape, according to Cisco. Researchers identified the top …
Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)
It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by …
State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)
An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) …
Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet …
24% of technology applications contain high-risk security flaws
With, arguably, a higher proportion of applications to contend with than other industries, tech firms would benefit from implementing improved secure coding training and …
Privacy concerns are limiting data usage abilities
Access to data is significantly limited by data privacy and protection regulations, according to a survey conducted by Bloor Research. The report reveals that 60% of the data …
eBook: 4 ways to secure passwords, avoid corporate account takeover
Enterprising cybercriminals don’t have to work very hard to gain access to your network and all the valuable information stored inside it. That’s because employee accounts are …
Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)
A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the …
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype