Vulnerability prioritization is only the beginning
To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure …
Fraud tactics and the growing prevalence of AI scams
In the first six months of 2024, Hiya flagged nearly 20 billion calls as suspected spam – more than 107 million spam calls everyday. The data showed spam flag rates of more …
The changing dynamics of ransomware as law enforcement strikes
After peaking in late 2023, the ransomware industry is beginning to stabilize in productivity, with notable developments in ransomware targets, and industry dynamics, …
New infosec products of the week: August 23, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Entrust, Fortanix, McAfee, Own, RightCrowd, and Wallarm. Own proactively detects and …
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the …
Android malware uses NFC to steal money at ATMs
ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted …
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity …
A survival guide for data privacy in the age of federal inaction
Things change fast in the world of data privacy. Just earlier this year, the question I was being asked most frequently was, “How similar will the proposed federal privacy law …
Most ransomware attacks occur between 1 a.m. and 5 a.m.
There’s been an alarming increase in ransomware attacks over the past year, alongside significant shifts in the tactics and strategies employed by cybercriminals that …
Why C-suite leaders are prime cyber targets
Senior executives are prime targets for cybercriminals, with 72% of surveyed cybersecurity professionals in the US reporting that cyberattacks have targeted this group in the …
GenAI models are easily compromised
95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack …
PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a …