Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK
Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from one of their AWS S3 buckets. “Due to a …
REMnux toolkit for malware analysis version 7 released
REMnux is a popular Linux-based toolkit for reverse-engineering malicious software which malware analysts have been relying on for more than 10 years to help them quickly …
How do cybercriminals secure cybercrime?
Trend Micro unveiled new insights analyzing the market for underground hosting services and detailing how and where cybercriminals rent the infrastructure that hosts their …
Closing the skills gap can minimize the business impact of cyberattacks
CISOs who are successful at reducing or closing the critical skills gap have the highest probability of minimizing the business impact of cyberattacks – even when budgets and …
Organizations with poor privacy practices 80% more likely to suffer data breach
There’s a predictive relationship between responsible privacy practices and security outcomes, according to Osano. Companies with inadequate data privacy practices are …
Human error: Understand the mistakes that weaken cybersecurity
43% of US and UK employees have made mistakes resulting in cybersecurity repercussions for themselves or their company, according to a Tessian report. With human error being a …
Deep Packet Inspection challenges for telecom and security vendors
Enea announced the results of the first survey about deep packet inspection (DPI) challenges, conducted among high-tech product managers. The goal of the survey is to better …
There’s CISSP training, then there’s official CISSP training
The CISSP is the most highly regarded certification in the cybersecurity industry, so it isn’t surprising that countless training companies offer CISSP exam prep. But you …
Microsoft releases new encryption, data security enterprise tools
Microsoft has released (in public preview) several new enterprise security offerings to help companies meet the challenges of remote work. Double Key Encryption for Microsoft …
Adobe out-of-band security updates for Photoshop, Prelude, Bridge
A week after July 2020 Patch Tuesday, Adobe has released out-of-band security updates to fix thirteen vulnerabilities – twelve of which critical – in Adobe …
How do I select a DMARC solution for my business?
Domain-based Message Authentication, Reporting & Conformance (DMARC), is an email authentication, policy, and reporting protocol. It builds on the SPF and DKIM protocols …
Cybersecurity teams are struggling with a lack of visibility into key security controls
89% of security professionals are most concerned about phishing, web and ransomware attacks. This is especially alarming, considering that only 48% confirm that they have …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege