The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …
Organizations are stepping up their game against cyber threats
Global median dwell time drops to just over two weeks, reflecting the essential role partnerships and the exchange of information play in building a more resilient …
3CX breach linked to previous supply chain compromise
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …
VMware plugs security holes in VMware Aria Operations for Logs (CVE-2023-20864, CVE-2023-20865)
VMware has fixed two vulnerabilities (CVE-2023-20864, CVE-2023-20865) in VMware Aria Operations for Logs (formerly vRealize Log Insight), a widely used cloud solution for log …
How product security reached maturity
Product security has been driving major changes throughout the automotive, medical, and industrial sectors. However, just a few short years ago, it was a term few knew and …
Unlocking the passwordless era
Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to using new technology that …
Over 70 billion unprotected files available on unsecured web servers
Critical exposures outside of an organization’s firewall are the greatest source of cybersecurity threats, according to CybelAngel. Across all industries, these …
Study of past cyber attacks can improve organizations’ defense strategies
Ransomware operators have been increasingly launching frequent attacks, demanding higher ransoms, and publicly exposing victims, leading to the emergence of an ecosystem that …
Week in review: 5 free online cybersecurity resources for SMBs, AI tools might fuel BEC attacks
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Balancing cybersecurity with business priorities: Advice for Boards In this …
New infosec products of the week: April 21, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Armorblox, Cofense, D3 Security, Sotero, Venafi, Veracode, Versa Networks, and Zyxel …
Scammers using social media to dupe people into becoming money mules
Fraudsters are taking advantage of the widening fraud knowledge gap, outlining the urgent need for banks to educate and protect their customers with technology, according to …
Top three factors leading to burnout at work
47% of employees report feeling stressed in their everyday life, but nearly 70% believe their employer would support them in a time of need, according to Mercer Marsh …
Featured news
Resources
Don't miss
- The AI safety conversation is focused on the wrong layer
- Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
- GitHub-hosted malware campaign uses split payload to evade detection
- Measuring security performance in real-time, not once a quarter
- Attackers are handing off access in 22 seconds, Mandiant finds