January 2024
Does CVSS 4.0 solve the exploitability problem?
The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is …
Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
In this Help Net Security interview, Stephanie Hagopian, VP of Security at CDW, discusses offensive strategies in the face of complex cyberattacks and the role of the …
How to make developers accept DevSecOps
According to a recent Dynatrace report, only 50% of CISOs believe that development teams have thoroughly tested the software for vulnerabilities before deploying it into the …
Cybercriminals replace familiar tactics to exfiltrate sensitive data
Ransomware attacks are increasing again as cybercriminals’ motivation shifts to data exfiltration, according to Delinea. The familiar tactics of crippling a company and …
Database management enters a new era of complexity
Increasing complexity, the rapid adoption of emerging technologies and a growing skills gap are the biggest concerns facing IT leaders in 2024, according to Redgate. 30% of …
SentinelOne launches threat hunting capabilities in its WatchTower and WatchTower Pro
Organizations today face a relentless pace of sophisticated cyber attacks that they must be able to swiftly detect and neutralize to keep their assets and infrastructure safe. …
Siren launches AI-Powered search with mobile access for front line officers
Siren has launched a new AI-Powered search with mobile access as part of its latest release and its Siren for Law Enforcement product bundle. Siren provides a complete suite …
NordVPN Link Checker protects users from malicious websites
Link Checker from NordVPN is a manual URL-checking tool that enables users to examine a website’s safety before visiting by scanning it for different types of malware …
Self-managed GitLab installations should be patched again (CVE-2024-0402)
Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability …
HaystackID enhances Protect Analytics AI Suite to strengthen data analysis
HaystackID announced the expansion of its Protect Analytics AI Suite of AI enabled services designed to enhance the efficiency and effectiveness of identifying, analyzing, and …
Qualys expands partnership with Orange Cyberdefense to optimize vulnerability management activities
Qualys announced that it is expanding its partnership with Orange Cyberdefense. This expansion signifies that Qualys’ capabilities such as Vulnerability Management, …
Hundreds of network operators’ credentials found circulating in Dark Web
After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM