
Researchers discover 40+ insecure drivers for Windows
Spurred by several past instances of attackers abusing device drivers to install a kernel rootkit or malicious firmware implants, Eclypsium researchers have decided to probe …

SOC-as-a-Service promises threat protection in a world of scarce resources
Despite more than a few decades’ worth of technological advancement and millions of dollars’ worth of research, cyber threats continue to flourish. The situation has been …

Anomali discovers phishing campaign targeting Chinese government agencies
Anomali, a leader in intelligence-driven cybersecurity solutions, published at Black Hat USA 2019 its latest research report: Suspected BITTER APT Continues Targeting …

Nmap 7.80 released: A mature Npcap Windows packet capturing driver, 11 new NSE scripts
Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network …

Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …

Pitfalls to avoid when improving your software development skills
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for …

Kubernetes security matures: Inside the project’s first audit
Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created …

Week in review: SWAPGS attack, DNS security, vulnerable Siemens PLCs, Black Hat USA 2019
Here’s an overview of some of last week’s most interesting news, interviews and articles: Embracing the cloud and meeting its security demands You might expect …

Apple expands bug bounty program, opens it to all researchers, raises rewards
Three years ago at the Black Hat conference, Apple announced its first bug bounty program, which was invite-only and limited to iOS. At this year’s edition of the con, …

Vulnerabilities in Siemens’ most secure industrial PLCs can lead to industrial havoc
Critical vulnerabilities in the Siemens S7 Simatic programmable logic controller (PLC) have been discovered by cybersecurity researchers at Tel Aviv University and the …

Security flaw could turn load balancers into beachheads for cyber attacks
Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, …

August 2019 Patch Tuesday forecast: Expect updates from Adobe, stay current on other updates
Microsoft released details on August 6 regarding another variant of the Spectre Variant 1 speculative execution side channel vulnerability (CVE-2019-1125). The vulnerability …
Featured news
Resources
Don't miss
- Quantifying cyber risk strategies to resonate with CFOs and boards
- Top 5 threats keeping CISOs up at night in 2025
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption