Wormable Windows SMBv3 RCE flaw leaked, but not patched
Yesterday, when Microsoft released its regular Patch Tuesday fixes, Cisco Talos and Fortinet inadvertently(?) also published information about CVE-2020-0796, a …
Cybercriminals leveraging coronavirus outbreak to execute ransomware attacks
Cybercriminals are likely to leverage the global anxiety around the coronavirus outbreak to execute ransomware attacks against businesses, according to RiskIQ. After extensive …
DNS over HTTPS misuse or abuse: How to stay secure
Firefox and Chrome have recently begun supporting external DNS resolvers in the cloud. The use of these DNS services bypasses controls that enterprise IT organizations put in …
IRS scams during tax season target unsuspecting consumers
Scam robocalls and phishing emails disguised as banks continue to trick consumers to put their personal information at risk, and tax season is no exception. Increase in …
Multi-cloud and edge deployments threatened by security and connectivity problems
Organizations face major infrastructure and security challenges in supporting multi-cloud and edge deployments, according to a Volterra survey of more than 400 IT executives. …
Excel template: Plan and monitor your security spending
The Ultimate Security Budget Plan & Track template is an Excel spreadsheet that comes pre-packaged with the required formulas to continuously measure, on a monthly basis, …
March 2020 Patch Tuesday: Microsoft fixes 115 vulnerabilities, Adobe none
It’s March 2020 Patch Tuesday and Microsoft has dropped fixes for 115 CVE-numbered flaws: 26 are critical, 88 important, and one of moderate severity. The good news is …
Hackers are getting hacked via trojanized hacking tools
Someone has been trojanizing a wide variety of hacking tools to compromise the machines of hackers who want to use the tools for free, Cybereason researcher Amit Serper has …
Hackers are compromising vulnerable ManageEngine Desktop Central instances
Is your organization using ManageEngine Desktop Central? If the answer is yes, make sure you’ve upgraded to version 10.0.474 or risk falling prey to attackers who are …
Why a risk-based approach to application security can bolster your defenses
Like it or not, cybercrime is big business these days. A casual glance at the news at any given time will typically reveal several new breaches, usually involving eye-watering …
What is open threat intelligence and what is driving it?
In this podcast recorded at RSA Conference 2020, Todd Weller, Chief Strategy Officer at Bandura Cyber, discusses the modern threat intelligence landscape and the …
PPP Daemon flaw opens Linux distros, networking devices to takeover attacks
A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking …
Featured news
Sponsored
Don't miss
- Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)
- eBook: 20 tips for secure cloud migration
- Microsoft 365 users targeted by phishers abusing Microsoft Forms
- Enhancing threat detection for GenAI workloads with cloud attack emulation
- Cirrus: Open-source Google Cloud forensic collection