Researchers uncover URL spoofing flaws on Zoom, Box, Google Docs
Researchers have discovered several URL spoofing bugs in Box, Zoom and Google Docs that would allow phishers to generate links to malicious content and make it look like …
An offensive mindset is crucial for effective cyber defense
As ransomware attacks continue to increase and cybercriminals are becoming more sophisticated, the federal government has implemented a more proactive approach when it comes …
Is that health app safe to use? A new framework aims to provide an answer
A new framework for assessing the privacy, technical security, usability and clinical assurance and safety of digital health technologies has been created by the American …
Google Drive emerges as top app for malware downloads
Netskope published a research which found that phishing downloads saw a sharp increase of 450% over the past 12 months, fueled by attackers using search engine optimization …
Password reuse is rampant among Fortune 1000 employees
SpyCloud published an annual analysis of identity exposure among employees of Fortune 1000 companies in key sectors such as technology, finance, retail and telecommunications. …
Download guide: Evaluating third-party security platforms
A comprehensive third-party security program can align your vendor’s security with your internal security controls and risk appetite. Such a program can also help you …
Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)
May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack (CVE-2022-26925) …
How to set up a powerful insider threat program
Security spend continues to focus on external threats despite threats often coming from within the organization. A recent Imperva report (by Forrester Research) found only 18 …
Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service
The Resecurity HUNTER unit identified a new underground service called “Frappo”, which is available on the Dark Web. “Frappo” acts as a Phishing-as-a-Service and enables …
Attackers are attempting to exploit critical F5 BIG-IP RCE
Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. Simultaneously, …
The role of streaming machine learning in encrypted traffic analysis
Organizations now create and move more data than at any time ever before in human history. Network traffic continues to increase, and global internet bandwidth grew by 29% in …
Week in review: F5 BIG-IP flaw, critical bugs in Aruba and Avaya network switches, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles and interviews: May 2022 Patch Tuesday forecast: Look beyond just application and OS updates April …
Featured news
Sponsored
Don't miss
- The effect of compliance requirements on vulnerability management strategies
- Modernizing incident response in the AI era
- Why cybersecurity leaders trust the MITRE ATT&CK Evaluations
- How the role of observability is changing within organizations
- Cybercriminals used a gaming engine to create undetectable malware loader