PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network …
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median …
Photos: GISEC Global 2024
GISEC Global is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. Here are a few photos from the event, featured vendors include: Waterfall …
GenAI can enhance security awareness training
One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s …
AI set to play key role in future phishing attacks
A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress. Attacks were …
Cybersecurity jobs available right now: April 24, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Blockchain Security Researcher StarkWare | Israel | …
eBook: Cloud security skills
Demonstrating a sound understanding of cloud security key principles and practices opens various professional opportunities. But first, you need the right mix of technical and …
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print …
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The …
The rising influence of AI on the 2024 US election
We stand at a crossroads for election misinformation: on one side our election apparatus has reached a higher level of security and is better defended from malicious attackers …
10 colleges and universities shaping the future of cybersecurity education
Institutions featured on this list often provide undergraduate and graduate degrees, courses, as well as certificate programs tailored to meet the growing demand for …
People doubt their own ability to spot AI-generated deepfakes
23% of Americans said they recently came across a political deepfake they later discovered to be fake, according to McAfee. The actual number of people exposed to political …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)