Unmanaged third-party access threatens OT environments
Many industrial organizations lack the resources, expertise, and collaborative processes to effectively mitigate threats and ensure secure access to operational technology …
LockBit leak site is back online
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with …
Pikabot returns with new tricks up its sleeve
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader …
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …
Web Check: Open-source intelligence for any website
Web Check offers thorough open-source intelligence and enables users to understand a website’s infrastructure and security posture, equipping them with the knowledge to …
It’s time for security operations to ditch Excel
Security teams are hiding an embarrassing secret from the outside world: despite their position at the vanguard of technology, security risks and threats, their actual war …
CVE count set to rise by 25% in 2024
The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …
Cybersecurity crisis in schools
Primary school systems handle sensitive data concerning minors, while higher education institutions must safeguard intellectual property data, making them prime targets for …
Week in review: 10 cybersecurity startups to watch, admins urged to remove VMware vSphere plugin
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Inside the strategy of Salesforce’s new Chief Trust Officer In this Help Net …
Avast ordered to pay $16.5 million for misuse of user data
The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising …
The old, not the new: Basic security issues still biggest threat to enterprises
In 2023, cybercriminals saw more opportunities to “log in” versus hack into corporate networks through valid accounts – making this tactic a preferred weapon for …
New infosec products of the week: February 23, 2024
Here’s a look at the most interesting products from the past week, featuring releases from ManageEngine, Metomic, Pindrop, and Truffle Security. Pindrop Pulse offers …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)