Download: The Ultimate Guide to the CISSP
The Ultimate Guide to the CISSP covers everything you need about the world’s premier cybersecurity leadership certification. Learn how CISSP and ISC2 will not only help you …
Microsoft introduces new access policies in Entra to boost MFA usage
As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to …
Looney Tunables bug exploited for cryptojacking
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into …
7 free cyber threat maps showing attack intensity and frequency
Cyber threat maps are one of the most visually engaging tools in the arsenal of cybersecurity professionals. These real-time visualizations provide a global perspective on …
Kubescape 3.0 elevates open-source Kubernetes security
Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Vulnerability scan results …
Microsegmentation proves its worth in ransomware defense
The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years, from 43 on average in 2021 to 86 in 2023, according to Akamai. Security …
Outdated cryptographic protocols put vast amounts of network traffic at risk
Cryptography is largely taken for granted – rarely evaluated or checked – a practice that could have devastating consequences for businesses as attack surfaces continue to …
eBook: Keeping Active Directory out of hackers’ cross-hairs
Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently. Read the e-book to review: Active Directory …
Okta breach post mortem reveals weaknesses exploited by attackers
The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our …
Google Play will mark independently validated VPN apps
Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data …
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …
How global password practices are changing
Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse …
Featured news
Resources
Don't miss
- ClickFix campaign delivers Mac malware via fake Apple page
- Poisoned “Office 365” search results lead to stolen paychecks
- What vibe hunting gets right about AI threat hunting, and where it breaks down
- Health insurance lead sites sell personal data within seconds of form submission
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)