“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on …
August 2024 Patch Tuesday forecast: Looking for a calm August release
August 2024 Patch Tuesday is now live: Microsoft fixes 6 zero-days under active attack July ended up being more ‘exciting’ than many of us wanted; we’re supposed to be in the …
NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?
The Network and Information Security (NIS) 2 Directive is possibly one of the most significant pieces of cybersecurity regulation to ever hit Europe. The 27 EU Member States …
Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals
The sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities …
Shorter TLS certificate lifespans expected to complicate management efforts
76% of security leaders recognize the pressing need to move to shorter certificate lifespans to improve security, according to Venafi. However, many feel unprepared to take …
Where internal audit teams are spending most of their time
Over half of key stakeholders including audit committees, company boards, and chief financial officers are looking to internal audit teams to take on more risk-related work, …
New infosec products of the week: August 9, 2024
Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, …
Microsoft 365 anti-phishing alert “erased” with one simple trick
Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. …
Menlo Zero Trust Access enhancements boost enterprise browsing security
Menlo Security has unveiled enhancements to Menlo Zero Trust Access, the company’s zero trust solution, which keeps enterprises steps ahead of adversaries. Simultaneously, the …
“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days
A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A …
Securonix and Cribl partner to enhance threat detection with advanced data integration
Securonix and Cribl announced a strategic partnership focused on providing customers with enhanced threat detection, based on a broader range of enterprise data being analyzed …
Endor Labs launches Upgrade Impact Analysis and Magic Patches for SCA market
Endor Labs unveiled two capabilities, Upgrade Impact Analysis and Endor Magic Patches, that fix an expensive and time-consuming problem in the Software Composition Analysis …
Featured news
Resources
Don't miss
- Klue breach lead to Salesforce data theft, Huntress affected
- Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
- Your browser tab could become encrypted storage for someone else’s files
- Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
- 74,000 Fortinet firewall credentials exposed in FortiBleed data leak