Log4Shell is a dumpster fire that should have been avoided
On Thursday, December 9, 2021, my young, Minecraft-addicted kids were still completely oblivious of the Log4j vulnerabilities in their favorite game. Then again, so was every …
Five cybersecurity predictions for 2022 and beyond
2021 saw some of the largest and most influential cyber attacks to date. Leaders in cybersecurity have faced numerous challenges this year and are likely to experience …
PCI SSC updates its device security standard for HSMs
The PCI SSC published the latest version of its device security standard for Hardware Security Modules (HSMs). HSMs are secure cryptographic devices that are used for …
Watch out for Christmas 2021 credential stuffing attacks!
Research from Arkose Labs has revealed that there were over two billion credential stuffing attacks (2,831,028,247) during the last 12 months, growing exponentially during …
Wireless 5G connections to exceed 540 million by the end of the year
Global wireless 5G connections have reached 438 million by the third quarter of 2021 and are on pace to exceed 540 million by the end of the year, according to data from …
Could passwordless be the solution to poor shopping sign-up processes?
Retailers could be shutting down huge revenue streams due to poor shopping sign-up processes, a study from Beyond Identity has revealed. A survey of more than 1,000 people in …
Big data moving to Kubernetes with speed, complexities arising
Pepperdata announced the results of a new survey to gauge the pace at which enterprises are migrating big data applications to Kubernetes containers. 600 senior enterprise IT …
Attackers bypass Microsoft patch to deliver Formbook malware
Sophos Labs researchers have detected the use of a novel exploit able to bypass a patch for a critical vulnerability (CVE-2021-40444) affecting the Microsoft Office file …
Ransomware Empire: Who might blackmail your company?
The history of ransomware attacks covers slightly over 30 years. Over this modest period, cybercriminals have been relentlessly building ransomware capacities and improving …
CTO of Security at Salesforce talks e-commerce cybersecurity threat trends for 2022
Online retailers are dealing with more cybersecurity threats than ever before, and the holiday (shopping) season is when they have to fend them off most aggressively. In this …
Open-source software holds the key to solving Log4Shell-like problems
Earlier this month, the existence of a critical vulnerability in Apache Log4j 2 was revealed and a PoC for it published. Dubbed Log4Shell, it’s an issue in a logging library …
What’s stopping consumers from using credit freezes?
Research by the Identity Theft Resource Center and DIG.Works explored the relationship between data breach notices and a consumer's decision to freeze their credit, as well as …