Hackers used credentials of a Microsoft Support worker to access users’ webmail
On Friday, an unknown number of customers of Microsoft’s webmail services (Outlook.com, Hotmail, MSN Mail) received a notice from the company telling them that attackers …
Employee cybersecurity essentials part 2: Lost devices and unsafe connections
Security is only as strong as its weakest link, and as we have seen, that includes your employees. Faulting workers for behavior they’ve become accustomed to in their private …
Bad security hygiene still a major risk for enterprise IT networks
Unpatched vulnerabilities, along with growing network and application complexity pose an ongoing security risk which could threaten the security of enterprise IT networks. …
As IT security automation increases, so does the need for highly skilled staff
The adoption of automation for IT security functions is on the rise across the US, UK and APAC, the latest DomainTools/Ponemon report has shown. The report, which is based on …
What is driving organizations’ cloud adoption?
Cloud adoption is gaining momentum, as 36 percent of organizations are currently in the process of migrating to the cloud while close to 20 percent consider themselves to be …
Google introduces many G Suite security enhancements
Last week, the big news from Google Cloud Next 2019 was that phones running Android 7.0 or higher can be turned into a security key for G Suite account 2-step verification. …
Healthcare orgs have to achieve true cybersecurity, not only compliance
How many organizations in the healthcare sector are conforming with the HIPAA Security and Privacy Rules and the National Institute of Standards and Technology Cybersecurity …
Manufacturing sector most vulnerable to insider threats
Almost three quarters of the 650+ international IT professionals Gurucul canvassed said they are vulnerable to insider threats, and ranked user error (39%) and malicious …
The top emerging risks organizations are facing
Gartner surveyed 98 senior executives across industries and geographies and found that “accelerating privacy regulation” had overtaken “talent shortages” as the top emerging …
The correlation between DDoS attacks and cryptomining
There is a direct correlation between cryptocurrency and DDoS attacks. As the price of cryptocurrency dropped in 2018, leading to decreased profits from cryptomining, hackers …
Week in review: Password-less security, WPA3 design flaws, new Windows 10 update controls
Here’s an overview of some of last week’s most interesting news and articles: Magento sites under attack through easily exploitable SQLi flaw A recently patched SQL injection …
Enterprise VPN apps store authentication and session cookies insecurely
CVE-2019-1573, a flaw that makes VPN applications store the authentication and/or session cookies insecurely (i.e. unencrypted) in memory and/or log files, affects a yet to be …
Featured news
Resources
Don't miss
- Report: The State of Secrets Sprawl 2025
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
- Moving beyond checkbox security for true resilience
- Dependency-Check: Open-source Software Composition Analysis (SCA) tool
- Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK