Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. …
The shifting sands of the war against cyber extortion
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware …
8 free AI and GenAI courses from AWS
Amazon’s AI Ready initiative aims to provide free AI skills training and education to 2 million people globally by 2025. “Artificial intelligence is the most …
PolarDNS: Open-source DNS server tailored for security evaluations
PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with …
Organizations’ serious commitment to software risk management pays off
There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated …
The hidden obstacles to integrating AI into your business
A mere 14% of organizations globally are fully prepared to deploy and leverage AI-powered technologies, according to Cisco. The report highlights companies’ preparedness …
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been …
9 Black Friday cybersecurity deals you don’t want to miss
PortDroid PortDroid is a trusted app for all network analysis tasks. Designed with network administrators, penetration testers, and technology enthusiasts in mind, this app …
How effective compensation makes a difference with cyber talent retention
Aligning cybersecurity organization models with business objectives enables talent retention and security program success, according to IANS and Artico Search. CISOs’ …
Smaller businesses embrace GenAI, overlook security measures
Organizations are feeling the pressure to rush into generative AI (GenAI) tool usage, despite significant security concerns, according to Zscaler. More than 900 global IT …
Only 9% of IT budgets are dedicated to security
Despite their best efforts, 67% of businesses say they need to improve security and compliance measures with 24% rating their organization’s security and compliance strategy …
Week in review: Juniper devices compromised, great corporate security blogs, MITRE D3FEND
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The real cost of healthcare cybersecurity breaches In this Help Net Security …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?