enterprise
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Can your MFA implementations stymie MFA bypass attacks?
Shay Nahari, Head of Red-Team services at CyberArk, says that they’ve been increasingly asked by customers to probe their multi-factor authentication (MFA) defenses, …
What happens to email accounts once credentials are compromised?
Agari researchers entered unique credentials belonging to fake personas into phishing sites posing as widely used enterprise applications, and waited to see what the phishers …
Beware of “Ransomware system update” emails!
Emails referencing the Colonial Pipeline ransomware attack and looking like they’ve been sent from the corporate IT help desk have been hitting employees’ inboxes …
New Google tool reveals dependencies for open source projects
Google has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security …
White House urges private sector to enhance their ransomware defenses
In light of the ransomware attacks hitting high-profile targets such as the Colonial Pipeline and JBS, the White House has issued an open letter to private sector companies, …
Enterprise networks vulnerable to 20-year-old exploits
Popular preconceptions of enterprise security and network usage are often inaccurate, according to Cato Networks. While exotic attacks and nation-states such as Russia and …
Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially especially when it …
Can zero trust kill our need to talk about locations?
As security professionals, we have acknowledged for over a decade that our data resides outside our network. Yet, we still talk about strategies for protecting the enterprise …
Sophos XDR: Threat hunting through the entire security ecosystem
Almost a decade ago, ransomware started becoming a prominent consumer problem, locking computers and threatening users with fines and jail time for supposedly downloading …
48 recommendations for a global fight against ransomware
The Institute for Security and Technology’s Ransomware Task Force (RTF) has released a comprehensive strategic framework to help worldwide organizations fight against …
Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data
The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a …
Featured news
Resources
Don't miss
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable
- Securing agentic AI with intent-based permissions