enterprise
Warshipping: Attackers can access corporate networks through the mailroom
Most infosecurity professionals have heard of wardialing and wardriving, but what about warshipping? The expression has been coined by IBM X-Force Red researchers to describe …
Organizations are employing cyber-resilient strategies in new ways
Wipro released its 2019 State of Cybersecurity Report, which highlights the rising importance of cybersecurity defense to global leaders, the emergence of the CISO as a …
G Suite news: Anomalous alert activity for Google Drive, Advanced Protection for enterprise users
Google is rolling out new security options for G Suite users and admins, aimed at alerting organizations about data exfiltration attempts on Google Drive and helping them …
Capital One breach: Info on 106 million customers compromised, hacker arrested
Capital One, one of the largest banks in the United States by assets, has announced that it has suffered a massive data breach affecting the personal and financial information …
200 million enterprise, industrial, and medical devices affected by RCE flaws in VxWorks RTOS
Armis researchers have discovered 11 vulnerabilities (including 6 critical RCE flaws) in Wind River VxWorks, a real-time operating system used by more than two billion devices …
Cloud adoption and security are not mutually exclusive
As organizations continue to adopt cloud services to achieve their desired business objectives, many don’t realize that the thing that makes cloud computing great – …
How to improve the hiring and retaining of infosec professionals?
The cybersecurity staffing and skills shortage is a well-known reality and the situation is predicted to get worse in the coming years. There are many problems There are …
True passwordless authentication is still quite a while away
The password has been one of the great inventions in the history of computing: a solution that allowed simple and effective identity and access management when the need arose …
Researcher releases PoC code for critical Atlassian Crowd RCE flaw
A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution …
A fileless campaign is dropping the Astaroth info-stealer
Attackers are delivering the Astaroth info-stealing backdoor by leveraging a combination of fileless malware and “living off the land” techniques, …
Google delivers new G Suite security tools
Google has announced several new security tools for G Suite admins and users, as well as a new 2FA option: one-time security codes based on security keys. Email security …
Ransomware disrupts worldwide production for Belgian aircraft parts maker
ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around …
Featured news
Resources
Don't miss
- Treating MCP like an API creates security blind spots
- Offensive cyber power is spreading fast and changing global security
- Enterprise password audits made practical for busy security teams
- What zero trust looks like when you build it step by step
- Social data puts user passwords at risk in unexpected ways