Week in review: Apache servers under attack, machine leaning in infosec
Here’s an overview of some of last week’s most interesting news, podcasts and articles: The six stages of a cyber attack lifecycle High-impact cyber incidents can …
New infosec products of the week: March 10, 2017
Waterproof, scalable and customizable data protection ioSafe released ioSafe Server 5, a fire- and waterproof server designed to eliminate data loss and minimize downtime by …
Catch emerging strains of ransomware with RansomFree
In this podcast recorded at RSA Conference 2017, Yoel Eilat, Senior Product Manager at Cybereason, talks about RansomFree – the free, anti-ransomware protection …
The West African cybercriminal ecosystem is unlike any other
While there is still not an actual underground marketplace, cybercrime is pervasive in the West African region. Specifically, scamming operations. The peculiarities of the …
185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked
A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet. The …
Apache servers under attack through easily exploitable Struts 2 flaw
A critical vulnerability in Apache Struts 2 is being actively and heavily exploited, even though the patch for it has been released on Monday. System administrators are …
DevSecOps: Building continuous security into IT and app infrastructures
In this podcast recorded at RSA Conference 2017, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about DevSecOps. Instead of making security a …
What’s the security posture of the Fortune 1000?
BitSight analyzed the security posture of some of the world’s largest organizations, and identified the most common system compromises. For comparison, Fortune 1000 companies …
Encrypted messaging app Confide suffers from many security issues
Confide, the encrypted instant messaging application with a self-destructing messaging system that has become popular with White House staffers, is not so secure after all. …
Clever spear-phishing emails hit employees involved in SEC filings
FireEye has flagged a sophisticated spear-phishing campaign hitting US-based businesses with emails purportedly coming from the US Securities and Exchange Commission (SEC). …
21% of websites still use insecure SHA-1 certificates
New research from Venafi Labs shows that 21 percent of the world’s websites are still using certificates signed with the vulnerable Secure Hash Algorithm, SHA-1. On February …
Western Digital My Cloud NAS devices wide open to attackers
Western Digital My Cloud NAS devices have again been found wanting in the security department, as two set of researchers have revealed a number of serious flaws in the …
Featured news
Resources
Don't miss
- The many variants of the ClickFix social engineering tactic
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)
- How agentic AI and non-human identities are transforming cybersecurity
- Even the best safeguards can’t stop LLMs from being fooled
- Wave of tech layoffs leads to more job scams