Corporate attack surface exploding as a result of remote work
74% of organizations attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place during the pandemic. The data is drawn from a study of more …
Tenable to acquire Accurics to expand its IaC and cloud security capabilities
Tenable announced that it has entered into a definitive agreement to acquire Accurics, a pioneer in delivering cloud-native security for both DevOps and security teams. …
Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws
Microsoft’s August 2021 Patch Tuesday is pretty lightweight, through it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, …
NIST selects Ivanti on Implementing A Zero Trust Architecture project
Ivanti announced that it has been selected by the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) to participate …
Illumio Core advancements help protect key assets from cyberattacks and ransomware
Illumio announced new innovations in Illumio Core which automate, accelerate, and simplify the path to a zero trust posture. Cyberattacks and ransomware are most successful …
IBM provides Kestrel, a threat hunting tool, to Open Cybersecurity Alliance
Open Cybersecurity Alliance (OCA) announced it has accepted IBM’s contribution of Kestrel, an open-source programming language for threat hunting that is used by Security …
Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …
June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
On this June 2021 Patch Tuesday: Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days Adobe has delivered security updates for …
VMware fixes critical vCenter Server RCE vulnerability, urges immediate action (CVE-2021-21985)
VMware has patched two vulnerabilities (CVE-2021-21985, CVE-2021-21986) affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement …
Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893)
Attackers have been exploiting several old and one zero-day vulnerability (CVE-2021-22893) affecting Pulse Connect Secure (PCS) VPN devices to breach a variety of defense, …
Optiv Security Enterprise IoT Lab helps identify, assess, and mitigate IoT device security challenges
Optiv Security unveiled its Enterprise Internet of Things (IoT) Lab in response to a growing and ever-present pain point for client security leaders – the proliferation of IoT …
Shujinko AuditX expands compliance automation to all major clouds and regulatory frameworks
Shujinko announced a major update to AuditX, the system of record for enterprise compliance data. This update significantly broadens the platform’s automated data collection …
Featured news
Resources
Don't miss
- PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)
- Microsoft shuts down RedVDS cybercrime subscription service tied to millions in fraud losses
- LinkedIn wants to make verification a portable trust signal
- QR codes are getting colorful, fancy, and dangerous
- The NSA lays out the first steps for zero trust adoption