Attackers tried to grab WordPress configuration files from over a million sites
A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …
New infosec products of the week: June 5, 2020
Checkmarx SCA: New SaaS-based software composition analysis solution CxSCA leverages Checkmarx’s source code analysis and automation capabilities, empowering security and …
Despite investing in DevOps tools and practices, teams still encounter customer-impacting errors
An overwhelming majority of organizations prioritize software quality over speed, yet still experience customer-impacting issues regularly, according to OverOps. The report, …
Understanding cyber threats to APIs
This is the fourth of a series of articles that introduces and explains API security threats, challenges, and solutions for participants in software development, operations, …
Digital transformation drives middle market resiliency
Digital transformation has tipped from buzzword to baseline in the middle market, and not a moment too soon. As the COVID-19 pandemic threatens the health of people and …
Enterprise mobile phishing increased by 37% in Q1 2020
There was a 37 percent increase worldwide in enterprise mobile phishing encounter rate between the fourth quarter of 2019 and the first quarter of 2020, according to Lookout. …
Cisco plugs bucketful of security holes in industrial routers, switches
Cisco has fixed more than two dozen critical and high-severity security vulnerabilities affecting operating systems running on the company’s carrier-grade and industrial …
Zoom to offer end-to-end encryption only to paying customers
As Zoom continues on its path to bring end-to-end encryption (E2EE) to users, the big news is that only paid users will have access to the option. “Free users for sure we …
Office 365 users: Beware of fake company emails delivering a new VPN configuration
Phishers are impersonating companies’ IT support team and sending fake VPN configuration change notifications in the hopes that remote employees may be tricked into …
Cooking up secure code: A foolproof recipe for open source
The use of open source code in modern software has become nearly ubiquitous. It makes perfect sense: facing ever-increasing pressures to accelerate the rate at which new …
Researchers develop IoT security and privacy label
When hungry consumers want to know how many calories are in a bag of chips, they can check the nutrition label on the bag. When those same consumers want to check the security …
Increased attacks and the power of a fully staffed cybersecurity team
The cybersecurity landscape is constantly evolving, and even more so during this time of disruption. According to ISACA’s survey, most respondents believe that their …
Featured news
Resources
Don't miss
- Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits
- Weak enforcement keeps PCI DSS compliance low
- Formal proofs expose long standing cracks in DNSSEC
- WatchGuard Firebox firewalls under attack (CVE-2025-14733)
- Docker makes hardened images free open and transparent for everyone