How to avoid 4 common zero trust traps (including one that could cost you your job)
Formulated by a research analyst over a decade ago, the zero-trust security model was embraced by thought leaders. And when Google, with its unlimited budget and resources, …
December 2020 Patch Tuesday forecast: Always consider the risk
The final Patch Tuesday of the year is upon us and what a year it has been. Forcing many changes this year, the pandemic has impacted the way we conduct both security and IT …
25 vulnerabilities exploited by Chinese state-sponsored hackers
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or …
NSA warns about Sandworm APT exploiting Exim flaw
The Russian APT group Sandworm has been exploiting a critical Exim flaw (CVE-2019-10149) to compromise mail servers since August 2019, the NSA has warned in a security …
Web shell malware continues to evade many security tools
Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals …
Photos: RSA Conference 2020, part 3
RSA Conference 2020 is underway at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Here are a few photos from …
Speakers announced for CSA Summit at RSA Conference 2020
The Cloud Security Alliance (CSA) announced its headlining speakers for the 11th annual CSA Summit at RSA Conference 2020 (Feb. 24, San Francisco). Phil Venables, Board …
NSA unveils Ghidra reverse engineering tool at RSA Conference 2019
The National Security Agency (NSA) has released Ghidra, a free and cross-platform software reverse engineering tool suite used internally by the intelligence agency. They are …
Three things to know about the dark web
One of the more curious aspects about the dark web is that it didn’t start out as such a dark place: it began with bulletin boards in the 80s and 90s – the markets of …
US Cyber Command gets unified military command status
Last week, US President Donald Trump announced that the United States Cyber Command, which is currently a division of the NSA, will be elevated to the status of a Unified …
WannaCry: Who’s behind it? Who’s to blame?
As the amount of money in the three bitcoin addresses associated with the WannaCry attack slowly continues to rise, the question of who is behind the ransomware is still …
Microsoft to governments: Stop hoarding vulnerabilities
Microsoft is full of surprises lately: first they issued patches for unsupported versions of Windows, then they publicly criticized the NSA for hoarding knowledge about …