Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)
JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose users of its integrated development environments (IDEs) to GitHub access token compromise. …
Cloud migration expands the CISO role yet again
The CISO role used to be focused primarily on information security — creating and implementing policies to safeguard an organization’s data and IT infrastructure from …
Preparing for a career in cybersecurity? Check out these statistics
This article includes excerpts from various reports that provide statistics and insights on cybersecurity jobs, skills shortages, and workforce dynamics. Lack of skills and …
Security providers view compliance as a high-growth opportunity
85% of managed service and security providers face significant challenges maintaining compliance for customers, with lack of resources, expertise, or technology cited as the …
The number of known Snowflake customer data breaches is rising
LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from …
AI’s role in accelerating vulnerability management
With its capability to analyze, predict, and automate, AI stands to reshape many corners of business, most notably cybersecurity. In the field of vulnerability management …
Radare: Open-source reverse engineering framework
Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. It can be scripted, modified, and used for batch analysis. “I started the …
Why CISOs need to build cyber fault tolerance into their business
CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, …
Cybersecurity pros change strategies to combat AI-powered threats
75% of security professionals had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73% expressing a greater focus on …
Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If …
Windows Recall will be opt-in and the data more secure, Microsoft says
The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature …
SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995)
SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by …