Beware of password-cracking software for PLCs and HMIs!
A threat actor is targeting industrial engineers and operators with trojanized password-cracking software for programmable logic controllers (PLCs) and human-machine …
(IN)SECURE Magazine issue 72 released: Free download
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 72 has been released today. It’s a free …
The first formal verification of a prototype of Arm CCA firmware
As our personal data is increasingly used in many applications from advertising to finance to healthcare, protecting sensitive information has become an essential feature for …
Industrial cybersecurity leaders are making considerable headway
Increased cyber threats and government directives have made cybersecurity a top priority among critical infrastructure organizations. A zero trust security architecture is the …
Online payment fraud losses to exceed $343 billion
Cumulative merchant losses to online payment fraud globally between 2023 and 2027 will exceed $343 billion, according to Juniper Research. As a comparison, this equates to …
Week in review: Kali Linux gets on Linode, facial recognition defeated, Log4j exploitation
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Dealing with threats and preventing sensitive data loss Recently, Normalyze, …
How to address the ongoing risk of Log4j exploitation and prepare for the future
“Vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer,” the Cyber Safety Review Board (CSRB) has concluded. …
New infosec products of the week: July 15, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Deloitte, Flashpoint, CertiK, CyberArk, and N-able. Flashpoint Automate accelerates …
Q-Day: The problem with legacy public key encryption
In the power circles where policy and technology meet, there always seems to be someone with his or her “hair on fire” about some issue or another, and it can be difficult to …
Outsourcing security is the only solution for many smaller teams
Companies with small security teams continue to face a number of distinctive challenges that place these organizations at greater risk than larger enterprises, according to …
PayPal-themed phishing kit allows complete identity theft
Sometimes phishers are just after your username and password, but other times they are after every scrap of sensitive information they can extract from you. To do that, they …
The future of SOCs: Automation where it matters
Sophisticated attacks, remote work needs and rapidly changing technologies challenge organizations to manage IT security while containing costs and using overburdened staff. …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)