Half of enterprises suffer breaches despite heavy security investments
Data breaches have become an increasingly severe threat, with recent reports highlighting a surge in their frequency and cost. Understanding the latest trends and statistics …
Lateral movement: Clearest sign of unfolding ransomware attack
44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or …
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific …
Two strategies to protect your business from the next large-scale tech failure
The CrowdStrike event in July clearly demonstrated the risks of allowing a software vendor deep access to network infrastructure. It also raised concerns about the …
Nuclei: Open-source vulnerability scanner
Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform …
Rebrand, regroup, ransomware, repeat
Changes witnessed over the last few years have led to larger ransomware groups breaking into smaller units, posing more considerable challenges for law enforcement. Ransomware …
Adversaries love bots, short-lived IP addresses, out-of-band domains
Fastly found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing …
GenAI buzz fading among senior executives
GenAI adoption has reached a critical phase, with 67% of respondents reporting their organization is increasing its investment in GenAI due to strong value to date, according …
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases …
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw …
Vulnerability prioritization is only the beginning
To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure …
Fraud tactics and the growing prevalence of AI scams
In the first six months of 2024, Hiya flagged nearly 20 billion calls as suspected spam – more than 107 million spam calls everyday. The data showed spam flag rates of more …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?