Critical ManageEngine ADSelfService Plus RCE flaw patched
A critical vulnerability (CVE-2020-11552) in ManageEngine ADSelfService Plus, an Active Directory password-reset solution, could allow attackers to remotely execute commands …
The precision of security undermined by a failure to correlate
If Paul Newman’s Cool Hand Luke character were to address the security industry, his opening line would likely be: “What we have here is a failure to correlate.” Today, one of …
Internal investigations are changing in the age of COVID-19
Internal investigations in corporations are typically conducted by the human resources (HR) department, internal compliance teams, and/or the IT department. Some cases may …
Why the rapid transition to cloud demands that DevOps shift left
To accommodate remote work policies amid COVID-19, companies have increasingly adopted the public cloud to support off-site business continuity. A MarketsandMarkets analysis …
6,600 organizations bombarded with 100,000+ BEC attacks
Cybercriminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and BEC attacks, according to Barracuda …
DevOps is transforming database development in the healthcare sector
As IT teams across the country struggle with smaller budgets and staffing shortages, every industry has seen a rising demand for standardized process and automation to quickly …
Week in review: Free security tools, TeamViewer flaw, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news and articles: August 2020 Patch Tuesday forecast: Planning for the end? There doesn’t seem to be an …
Researchers flag two zero-days in Windows Print Spooler
In May 2020, Microsoft patched CVE-2020-1048, a privilege escalation vulnerability in the Windows Print Spooler service discovered by Peleg Hadar and Tomer Bar from SafeBreach …
August 2020 Patch Tuesday forecast: Planning for the end?
There doesn’t seem to be an end in sight to the COVID-19 crisis, but there are some important end-of-life/end-of-support dates we should be aware of when it comes to software. …
New infosec products of the week: August 7, 2020
Radiflow launches CIARA, a ROI-driven risk assessment and management platform for industrial organizations CIARA is a fully automated tool for assets data collection, …
DDoS attacks in April, May and June 2020 double compared to Q2 2019
Findings from Link11’s H1 2020 DDoS Report reveal a resurgence in DDoS attacks during the global COVID-19 related lockdowns. In April, May and June 2020, the number of …
What are the benefits of automated, cloud-native patch management?
Could organizations recoup their share of more than $1 billion per quarter by moving away from legacy solutions to cloud-native patch management and endpoint hardening? A new …
Featured news
Resources
Don't miss
- January 2026 Patch Tuesday forecast: And so it continues
- How AI agents are turning security inside-out
- Security teams are paying more attention to the energy cost of detection
- Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)
- PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)