Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515)
A vulnerability (CVE-2021-44515) in ManageEngine Desktop Central is being leveraged in attacks in the wild to gain access to server running the vulnerable software. About …
New infosec products of the week: December 3, 2021
Here’s a look at the most interesting products from the past week, featuring releases from Castellan Solutions, Cossack Labs, Immuta, IriusRisk, Tenable, ThreatConnect, …
Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling
Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code (IaC). The new capabilities enable organizations …
Infosec products of the month: November 2021
Here’s a look at the most interesting products from the past month, featuring releases from 1Password, Avast, Boxcryptor, Code42, ColorTokens, Cynamics, Fortanix, Hiya, …
Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)
It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, …
New infosec products of the week: November 5, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from Cynamics, Imperva, Linux Foundation, Netscout and Tenable. Nessus 10 is out, …
Nessus 10 is out, with Raspberry Pi support
Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to deploy the …
Huntress launches endpoint protection capabilities to defend SMBs from cyberattacks
Huntress launched a series of platform enhancements designed to protect small and midsize businesses (SMBs) from modern cyberthreats. The release includes the general …
Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)
On October 2021 Patch Tuesday, Microsoft has fixed 71 CVE-numbered vulnerabilities. Of those, only one was a zero-day exploited in attacks in the wild (CVE-2021-40449) and …
Fletch releases two security offerings to help organizations stay ahead of cybercriminals
Fletch launched their first two offerings that continuously analyzes trending threats and insider risk, free of charge. For the past two and half years, Fletch has …
Corporate attack surface exploding as a result of remote work
74% of organizations attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place during the pandemic. The data is drawn from a study of more …
Tenable to acquire Accurics to expand its IaC and cloud security capabilities
Tenable announced that it has entered into a definitive agreement to acquire Accurics, a pioneer in delivering cloud-native security for both DevOps and security teams. …
Featured news
Resources
Don't miss
- Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
- Microsoft blocks risky file previews in Windows File Explorer
- Building trust in AI: How to keep humans in control of cybersecurity
- Researchers expose large-scale YouTube malware distribution network
- Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)