How the blurring of the “supply chain” opens your doors to attackers—and how you can close them
There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …
After being breached once, many companies are likely to be hit again
Cymulate announced the results of a survey, revealing that two-thirds of companies who have been hit by cybercrime in the past year have been hit more than once, with almost …
Solution to cybersecurity skills gap largely sits with hiring practices
(ISC)² published findings from its 2022 Cybersecurity Hiring Managers research that shed light on best practices for recruiting, hiring and onboarding entry- and junior-level …
QNAP NAS devices hit by DeadBolt and ech0raix ransomware
Taiwan-based QNAP Systems is warning consumers and organizations using their network-attached storage (NAS) appliances of a new DeadBolt ransomware campaign. There also …
Board members and the C-suite need secure communication tools
Board members and the C-suite are key targets for cyber-threat actors, due to their access to highly sensitive information. Yet too many of them are putting their …
How tool sprawl is becoming a common issue for SMEs
JumpCloud announced the findings from its Q2 2022 SME IT Trends Report, revealing that while IT teams are successfully managing hybrid-remote work, they are still burdened …
Data recovery depends on how good your backup strategy is
99% of surveyed IT decision makers state they have backup strategies in place, but just 26% have admitted they were unable to fully restore all data/documents when recovering …
Increased security driving investments in cloud computing
Aptum has announced a report which examines the complexities inherent in hybrid cloud environments and their implications on security, data governance, compliance and disaster …
Week in review: Microsoft fixes Follina, cybersecurity pros quitting, (IN)SECURE Magazine RSAC 2022
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: (IN)SECURE Magazine: RSAC 2022 special issue released Several of the most …
Which stolen data are ransomware gangs most likely to disclose?
If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more …
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …
New infosec products of the week: June 17, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Feroot, Incognia, Optiv, and Splunk. Splunk announces platform updates …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)