MS Office zero-day exploited in attacks – no enabling of macros required!
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched …
Compared to last month’s Patch Tuesday, April will be a light drizzle
March saw a sizable release from Microsoft after a missed Patch Tuesday. Any way about it, April will be a lighter month than March. Windows 10 1703 has officially released to …
Cloud IT infrastructure spend grew to $32.6 billion in 2016
According to IDC, vendor revenue from sales of infrastructure products (server, storage, and Ethernet switch) for cloud IT, including public and private cloud, grew by 9.2% …
Week in review: Highest paying IT certifications, emergency iOS patch, and how attackers exploit whitelists
Here’s an overview of some of last week’s most interesting news and articles: Windows 10 Creators Update will come with clearer privacy options Nearly two years …
QNAP NAS devices open to remote command execution
If you’re using one of the many QNAP NAS devices and you haven’t yet upgraded the QTS firmware to version 4.2.4, you should do so immediately if you don’t …
Your iPhone is not infected, and you don’t need a free VPN app to clean it
To be sure that your online browsing is protected and your data is secure, you have to be able to trust the VPN service of your choice. But, as a research into Android VPN …
20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites
A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. …
Threat intelligence sharing challenges: Understand the context of cyber events
A new McAfee report details the challenges facing threat intelligence sharing efforts. The growing complexity of the technology environment is a very important driver for …
Oil and gas companies’ cybersecurity strategies are evolving
Lacking enterprise-wide cyber analytics technology to monitor for cyberattacks, most oil and gas companies are not fully aware of when or even how cyberattacks might affect …
New infosec products of the week: April 7, 2017
A rules engine that adapts to changing attack patterns DataVisor announced the latest addition to its full stack analytics platform, the DataVisor Automated Rules Engine, a …
Extensive shift to hybrid infrastructure services is underway
The growth of cloud and industrialized services and the decline of traditional data center outsourcing (DCO) indicate a massive shift toward hybrid infrastructure services, …
How attackers exploit whitelists
If there is a technology or security measure that can help organizations protect their assets from attackers or malware, you can be sure that attackers will try to find a way …
Featured news
Resources
Don't miss
- Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI
- Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
- A new way to think about zero trust for workloads
- Heisenberg: Open-source software supply chain health check tool
- Securing real-time payments without slowing them down