Week in review: Web shell malware, client-side web security, phishers exploit Zoom and Webex
Here’s an overview of some of last week’s most interesting news and articles: 46% of SMBs have been targeted by ransomware, 73% have paid the ransom Ransomware …
Five best practices for achieving and maintaining SOC 2 compliance
A crucial framework for technology companies and cloud-based organizations, SOC 2 is both a technical audit and a requirement that comprehensive information security policies …
New infosec products of the week: April 24, 2020
Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture Trustwave Security Colony is based on thousands of hours of actual consulting …
Client-side web security
To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to …
Work-from-home creates multitude of opportunities for leaks
Breaches of corporate and government data appear to be running at a level even higher than experts had feared going into stay-at-home orders due to COVID-19, the International …
The true costs incurred by businesses for technology downtime
Technology downtime is becoming a huge issue. IT challenges and poor digital work experiences are costing businesses tens of millions of dollars in lost work time and that the …
Web shell malware continues to evade many security tools
Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals …
Phishers exploiting employees’ layoff, payroll concerns
A few days ago, we outlined several phishing campaigns going after Zoom and WebEx credentials of employees. Two new ones are trying to exploit their (at the moment very …
Let’s be realistic about our expectations of AI
Pop culture contains no shortage of intelligent robots. When the tool became viable and widely available in real life, people brought a number of enthusiastic but unrealistic …
Massive work-from-home movement exposes cybersecurity weaknesses
News coverage of the recent uptick in cyber threat activity is showing an incomplete picture. Despite the focus on VPN hacks and attacks at home, computers at more than 50,000 …
Google unveils secure remote access service to unburden enterprise VPNs
Google has made available BeyondCorp Remote Access, a cloud-based, zero trust service that allows employees, contractors and partners to securely access specific corporate …
With a transition to remote work, network visibility becomes more critical than ever
More than 64 percent of organizations suffered at least one successful attack within the last year, and 59 percent believe lack of network visibility poses a high or very high …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)