Please turn on your JavaScript for this page to function normally.
arrows
Which cybersecurity controls are organizations struggling with?

How are organizations performing across cybersecurity controls in the Minimum Viable Secure Product (MVSP) framework? A recent analysis by Bitsight and Google reveals some …

patch
December 2023 Patch Tuesday forecast: ‘Tis the season for vigilance

UPDATE: December 12, 12:12 PM PT – The news is live: December 2023 Patch Tuesday: 33 fixes to wind the year down The final Patch Tuesday of the year is almost upon us! …

Google Chrome
Google fixes Chrome zero day exploited in the wild (CVE-2023-6345)

Google has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability (CVE-2023-6345) that is being actively …

Google Workspace
Design flaw leaves Google Workspace vulnerable for takeover

A design flaw in Google Workspace’s domain-wide delegation feature, discovered by Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege …

Taylor Lehmann
The real cost of healthcare cybersecurity breaches

With each step towards digitalization, from cloud computing to electronic records, the healthcare sector faces mounting risks that threaten not just the privacy but the very …

Google Play
Google Play will mark independently validated VPN apps

Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data …

Google
Google expands bug bounty program to cover AI-related threats

Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. …

Person
Legacy authentication leads to growing consumer frustration

Despite widespread usage of passwords lingering on, consumers want to use stronger, more user-friendly alternatives, according to FIDO Alliance. Entering a password manually …

Google Play Protect
Google Play Protect takes on malicious apps with code-level scanning

Google is enhancing Google Play Protect’s real-time scanning to include code-level scanning, to keep Android devices safe from malicious and unwanted apps, especially …

WinRAR
State-sponsored APTs are leveraging WinRAR bug

A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. …

Phil Venables
The collaborative power of CISOs, CTOs and CIOs for a secure future

In this Help Net Security interview, Phil Venables, CISO at Google Cloud, discusses the results of a recent Google report on board collaboration with the C-suite — …

CVE-2023-44487
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …

Don't miss

Cybersecurity news