Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink
This Thursday morning, Russia started its invasion on Ukraine and, as predicted, the attacks in the physical world have been preceded and accompanied by cyber attacks: Renewed …
Dragos partners with NSA and CISA to increase OT cybersecurity for United States critical infrastructure
Dragos has announced initiatives with the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) to strengthen security and visibility …
A “light” February 2022 Patch Tuesday that should not be ignored
February 2022 Patch Tuesday is here and it’s all-around “light” – light in fixed CVE-numbered vulnerabilities (51), extremely light in critical fixes …
The Log4j saga: New vulnerabilities and attack vectors discovered
The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j …
Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished. As Dr. …
Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)
An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including …
Carrier strengthens cybersecurity program with CVE Numbering Authority
Carrier has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA). This designation allows Carrier to provide customers greater transparency and …
SecurityGate.io partners with Rokster to help industrial companies bridge the OT security skills gap
SecurityGate.io announced a partnership with Rokster, a technology consulting firm specializing in regulatory compliance, cybersecurity, artificial intelligence, blockchain, …
November 2021 Patch Tuesday forecast: More mandates in the United States
The global holiday season is upon us with Diwali happening now, Thanksgiving the end of the month, and then on to Christmas and New Years! But before we all start celebrating, …
ARMO adds MITRE ATT&CK framework to its open-source Kubernetes testing tool
ARMO released an expanded version Kubescape, an open-source testing tool for Kubernetes environments that is compliant with the standards set forth in the Kubernetes Hardening …
Qualys Ransomware Risk Assessment Service helps organizations to proactively combat ransomware attacks
Qualys released its Ransomware Risk Assessment Service to provide companies with visibility into their ransomware exposure and automate the patching and configuration changes …
Apple joins Cyber Readiness Institute as Co-Chair to improve cyber readiness for SMBs
The Cyber Readiness Institute (CRI) welcomed Apple as a Co-Chair of the organization. Apple joins CRI to further our mission to help small and medium-sized businesses (SMBs) …
Featured news
Resources
Don't miss
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”
- Google strengthens secure enterprise access from BYOD Android devices