enterprise
How to achieve and shore up cyber resilience in a recession
Today’s business leaders are grappling with two opposing challenges. On the one hand, present day global economic and recessionary pressures mean spending policies need to be …
Google Cloud Platform allows data exfiltration without a (forensic) trace
Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s …
Microsoft Exchange admins advised to expand antivirus scanning
After having stressed the importance of keeping Exchange servers updated last month, Microsoft is advising administrators to widen the scope of antivirus scanning on those …
Third-party risks overwhelm traditional ERM setups
Enterprise risk management (ERM) teams are struggling to effectively mitigate third-party risk in an increasingly interconnected business environment, according to Gartner. …
Microsoft announces automatic BEC, ransomware attack disruption capabilities
Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite. On Wednesday, it announced that these …
Cybersecurity layoffs in 2023: What to expect?
The economic downturn predicted for 2023 will lead to layoffs but cybersecurity workers will be least affected, says the latest (ISC)² report. Also, as soon as things get …
VMware patches critical injection flaw in Carbon Black App Control (CVE-2023-20858)
VMware has fixed a critical vulnerability (CVE-2023-20858) in Carbon Black App Control, its enterprise solution for preventing untrusted software from executing on critical …
What can we learn from the latest Coinbase cyberattack?
Cryptocurrency exchange Coinbase has fended off a cyberattack that might have been mounted by the same attackers that targeted Twillio, Cloudflare and many other companies …
Helping users and organizations build an instinctive data privacy habit
Each year at the end of January, internet users are deluged with advice on how to keep their data protected and reclaim their online privacy. What started as Data Privacy Day …
Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is …
Vulnerability in Cisco industrial appliances is a potential nightmare (CVE-2023-20076)
Cisco has released patches for a high-severity vulnerability (CVE-2023-20076) found in some of its industrial routers, gateways and enterprise wireless access points, which …
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …
Featured news
Sponsored
Don't miss
- Prompt Fuzzer: Open-source tool for strengthening GenAI apps
- How insider threats can cause serious security breaches
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap