What contractors should start to consider with the DoD’s CMMC compliance standards
Q1 2021 has been a tumultuous period in our era of cyber espionage. The Center For Strategic & International Studies (CSIS), which has been tracking “significant cyber …
Dispelling four myths about automating PKI certificate lifecycle management
The public key infrastructure (PKI) underpins the most effective strategy for securing communications between machines, network and mobile devices, virtual servers, and the …
Crystal Eye XDR: Protect, detect and respond to threats from a single unified platform
In this interview with Help Net Security, Adam Bennett, CEO at Red Piranha, discusses Extended Detection and Response and their flagship product – Crystal Eye XDR. …
Cloud native adoption increasing security concerns
Cloud native adoption has both transformed the way organizations build modern applications and resulted in increased security threats and concerns, according to a research by …
Kubernetes adoption continues to grow
Portworx released findings from its survey which assesses the mass adoption and evolution of Kubernetes usage among enterprise users in the last 12 months, in addition to the …
Counterfit: Open-source tool for testing the security of AI systems
After developing a tool for testing the security of its own AI systems and assessing them for vulnerabilities, Microsoft has decided to open-source it to help organizations …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
Is it OK to publish PoC exploits for vulnerabilities and patches?
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …
Defeating typosquatters: Staying ahead of phishing and digital fraud
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most …
How modern workflows can benefit from pentesting
Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network …
61% of cybersecurity teams are understaffed
The pandemic’s disruption has rippled across the globe, impacting workforces in nearly every sector. However, according to the findings from a survey report from ISACA and HCL …
Pandemic accelerating need for insider risk management
As companies exit the pandemic, security leaders will be challenged with new data security complexities. Remote work over the past year magnified challenges that companies …
Featured news
Resources
Don't miss
- North Korean IT workers are extorting employers, FBI warns
- GUI frontends for GnuPG, the free implementation of the OpenPGP standard
- Juniper enterprise routers backdoored via “magic packet” malware
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)