NIST updates guidance for cybersecurity supply chain risk management
The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks …
May 2022 Patch Tuesday forecast: Look beyond just application and OS updates
April Patch Tuesday provided an extensive set of operating system and application updates after a few quiet months. Microsoft addressed 97 vulnerabilities in Windows 10, and …
New infosec products of the week: May 6, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, BIO-key, Data Theorem, Enpass, Microsoft, N-able, and Uptycs. Microsoft …
Nothing personal: Training employees to identify a spear phishing attack
Phishing attacks began years ago as simple spam, designed to trick recipients into visiting sites and becoming customers. In the meantime, they have morphed into a worldwide …
Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)
F5 Networks‘ BIG-IP multi-purpose networking devices/modules are vulnerable to unauthenticated remote code execution attacks via CVE-2022-1388. “This vulnerability may …
Tackling the threats posed by shadow IT
While remote technologies have allowed businesses to shift their workforces online, this flexibility has created a swathe of challenges for IT teams who must provide a robust …
7 threat detection challenges CISOs face and what they can do about it
Security operations (SecOps) teams continue to be under a constant deluge of new attacks and malware variants. In fact, according to recent research, there were over 170 …
A checklist to help healthcare organizations respond to a serious cyberattack
How should organizations in the healthcare sector respond to outage due to a serious cyberattack? The Healthcare and Public Health Sector Coordinating Council’s (HSCC) …
Stealthy APT group plunders very specific corporate email accounts
An eminently sophisticated and stealthy APT group is going after specific corporate email accounts and has, on occasion, managed to remain undetected in victim environments …
The 6 steps to a successful cyber defense
The Ransomware Spotlight Year-End Report from Ivanti, conducted in partnership with Cyber Security Works and Cyware, found that there is now a total of 157 ransomware families …
Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April …
RSAC Innovation Sandbox Contest finalists announced
RSA Conference announced the 10 finalists for its 17th annual RSAC Innovation Sandbox Contest. The competition calls on the most promising young companies in cybersecurity to …
Featured news
Sponsored
Don't miss
- The effect of compliance requirements on vulnerability management strategies
- Modernizing incident response in the AI era
- Why cybersecurity leaders trust the MITRE ATT&CK Evaluations
- How the role of observability is changing within organizations
- Cybercriminals used a gaming engine to create undetectable malware loader