Please turn on your JavaScript for this page to function normally.

News

Microsoft Outlook
Attackers can steal NTLM password hashes via calendar invites

A recently patched vulnerability in Microsoft Outlook (CVE-2023-35636) that can be used by attackers to steal users’ NTLM v2 hashes can be exploited by adding two …

Tietoevry
Tietoevry ransomware attack halts Swedish organizations

Finnish IT software and service company Tietoevry has suffered a ransomware attack that affected several customers of one of its datacenters in Sweden. The attack The …

mobile
New method to safeguard against mobile account takeovers

Computer science researchers have developed a new way to identify security weaknesses that leave people vulnerable to account takeover attacks, where an attacker gains …

Securities and Exchange Commission
Without clear guidance, SEC’s new rule on incident reporting may be detrimental

The SEC has instituted a set of guidelines “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material …

Ivan Reedman
The reality of hacking threats in connected car systems

With the integration of sophisticated technologies like over-the-air updates and increased data connectivity, cars are no longer just modes of transportation but also hubs of …

CloudFoxable
CloudFoxable: Open-source AWS penetration testing playground

CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to …

strategy
Global cyber inequity skyrockets

There has been a sharp increase in cyber inequity globally, with 90% of executives warning that urgent action is needed to address it, according to the World Economic Forum. …

week in review
Week in review: 10 cybersecurity frameworks you need to know, exploited Chrome zero-day fixed

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key elements for a successful cyber risk management strategy In this Help Net …

Ivanti
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity …

lock
Out with the old and in with the improved: MFA needs a revamp

From AI to ZTA (zero-trust architecture), the technology responsible for protecting your company’s data has evolved immensely. Despite the advances, cybercriminals repeatedly …

New infosec products of the week
New infosec products of the week: January 19, 2024

Here’s a look at the most interesting products from the past week, featuring releases from Living Security, Skopenow, Skyhigh Security, and Wing Security. Skyhigh Security’s …

biometrics
Digital nomads amplify identity fraud risks

The number of foreign document verification cases in all parts of the world has grown by an average of 21% since the summer of 2021, according to Regula. It’s even higher in …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools