Enterprise VPN apps store authentication and session cookies insecurely
CVE-2019-1573, a flaw that makes VPN applications store the authentication and/or session cookies insecurely (i.e. unencrypted) in memory and/or log files, affects a yet to be …
A quarter of phishing emails bypass Office 365 security
Email phishing is one of the most often used – and most successfully used – attack vectors that lead to cybersecurity incidents and breaches. Microsoft is the most …
77% of orgs lack a cybersecurity incident response plan
How prepared are organizations when it comes to withstanding and recovering from a cyberattack? The fourth annual benchmark study on Cyber Resilience by IBM Security and the …
The surveillance economy has set its sights on smartphone sensors
The most successful companies of our time are those who’ve mastered user data – collecting it, analyzing it and profiting from it – typically at the expense of user privacy. …
How password-less security benefits helpdesks
IT departments and helpdesk teams are desperately overworked and understaffed, and unfortunately, they continue to get inundated with even more tasks. Helpdesk teams are there …
Who are the biggest targets of credential stuffing attacks?
Media organizations, gaming companies, and the entertainment industry are among the biggest targets of credential stuffing attacks, in which malicious actors tap automated …
WPA3 design flaws affect security of new Wi-Fi standard
Researchers have discovered a number of design flaws affecting the security of the recently introduced WPA3 data transmission protocol. Collectively dubbed Dragonblood …
WikiLeaks’ Julian Assange arrested in London
Wikileaks founder Julian Assange has been arrested by officers of the Metropolitan Police at the Embassy of Ecuador in London. “He has been taken into custody at a …
TRITON attackers detected at another critical infrastructure facility
The attackers who were first spotted wielding the custom TRITON framework have targeted another critical infrastructure facility, FireEye researchers have revealed on …
Vendor risk management programs are running harder just to stay in place
Increasing pressures in the risk and regulatory environments continue to pose severe challenges to third-party vendor risk management (VRM) programs, a recent survey by …
Regulating the IoT: Impact and new considerations for cybersecurity and new government regulations
In 2019 we have reached a new turning point in the adoption of IoT – more markets and industries are migrating to a cloud-based infrastructure, and as the IoT continues to …
Finance knocks business and professional services off top spot in four most attacked industries
Finance is the most attacked sector in EMEA, accounting for 30% of all attacks – compared to 17% globally, according to NTT Security. It knocks business and professional …
Featured news
Resources
Don't miss
- Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
- Self-sovereign identity could transform fraud prevention, but…
- Ghidra 11.3 released: New features, performance improvements, bug fixes
- Ransomware payments plummet as more victims refuse to pay
- The overlooked risks of poor data hygiene in AI-driven organizations