5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest …
North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations
US and South Korean agencies have issued a joint cybersecurity advisory describing the tactics, techniques and procedures used by North Korean hackers to deploy …
NSA publishes IPv6 Security Guidance
The National Security Agency (NSA) published guidance to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with …
State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)
An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) …
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
KSOC announces that its Kubernetes security platform supports hardening NSA/CISA guidelines
KSOC announced that their platform satisfies the Kubernetes hardening guidelines issued by the National Security Agency (NSA) and Cybersecurity and Infrastructure Security …
Dragos partners with NSA and CISA to increase OT cybersecurity for United States critical infrastructure
Dragos has announced initiatives with the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) to strengthen security and visibility …
The dangers behind wildcard certificates: What enterprises need to know
With the National Security Agency recently issuing guidance on the risks associated with wildcard TLS certificates and Application Layer Protocols Allowing Cross-Protocol …
Huntress launches endpoint protection capabilities to defend SMBs from cyberattacks
Huntress launched a series of platform enhancements designed to protect small and midsize businesses (SMBs) from modern cyberthreats. The release includes the general …
ARMO adds MITRE ATT&CK framework to its open-source Kubernetes testing tool
ARMO released an expanded version Kubescape, an open-source testing tool for Kubernetes environments that is compliant with the standards set forth in the Kubernetes Hardening …
IriusRisk expands its Technical Advisory Board with three new members
IriusRisk has added three new members to its Technical Advisory Board to help inform the development of its automated threat modeling platform and address the software …
Chris Cochran and Ron Eddings join Axonius as Creative Directors
Axonius announced that Chris Cochran and Ron Eddings, highly experienced security professionals and the producers and hosts of the popular Hacker Valley Studio podcast, have …
Featured news
Resources
Don't miss
- Logitech confirms data breach
- Five men admit helping North Korean IT workers infiltrate US companies
- The tech that turns supply chains from brittle to unbreakable
- Strix: Open-source AI agents for penetration testing
- Product showcase: SecAlerts – Relevant, actionable, up-to-the-minute vulnerability alerts