New infosec products of the week: July 15, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Deloitte, Flashpoint, CertiK, CyberArk, and N-able. Flashpoint Automate accelerates …
Q-Day: The problem with legacy public key encryption
In the power circles where policy and technology meet, there always seems to be someone with his or her “hair on fire” about some issue or another, and it can be difficult to …
Outsourcing security is the only solution for many smaller teams
Companies with small security teams continue to face a number of distinctive challenges that place these organizations at greater risk than larger enterprises, according to …
PayPal-themed phishing kit allows complete identity theft
Sometimes phishers are just after your username and password, but other times they are after every scrap of sensitive information they can extract from you. To do that, they …
The future of SOCs: Automation where it matters
Sophisticated attacks, remote work needs and rapidly changing technologies challenge organizations to manage IT security while containing costs and using overburdened staff. …
Businesses are adding more endpoints, but can’t manage them all
Most enterprises struggle to maintain visibility and control of their endpoint devices, leading to increased security breaches and impaired ability to ward off outside …
Conventional cybersecurity approaches are falling short
Traditional security approaches that rely on reactive, detect-and-respond measures and tedious manual processes can’t keep pace with the volume, variety, and velocity of …
Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor …
The weaponizing of smartphone location data on the battlefield
For soldiers on the battlefield, the act of turning on one’s smartphone has been described as the digital equivalent of lighting a cigarette, as doing so creates a signal …
The enemy of vulnerability management? Unrealistic expectations
Organizations vary by size, industry, level of maturity, but one thing that they all have in common is needing to know how to quickly remediate security vulnerabilities. As an …
Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …
Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from from Ben-Gurion University of the Negev and Tel Aviv …
Featured news
Sponsored
Don't miss
- Why cybersecurity leaders trust the MITRE ATT&CK Evaluations
- How the role of observability is changing within organizations
- Cybercriminals used a gaming engine to create undetectable malware loader
- ESET researchers analyze first UEFI bootkit for Linux systems
- QScanner: Linux command-line utility for scanning container images, conducting SCA