Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Transitioning to memory-safe languages: Challenges and considerations In this …
Key MITRE ATT&CK techniques used by cyber attackers
While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy …
90% of exposed secrets on GitHub remain active for at least five days
12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed …
Human risk factors remain outside of cybersecurity pros’ control
Cyber threats are growing at an unprecedented pace, and the year ahead is fraught with cybercrime and incidents anticipated ahead of the busy election year where over 50 …
New infosec products of the week: March 15, 2024
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, Cynerio, DataDome, Regula, and Tenable. AuditBoard unveils AI, …
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of …
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files …
MobSF: Open-source security research platform for mobile apps
The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile. MobSF can be used for …
Only 13% of medical devices support endpoint protection agents
63% of CISA-tracked Known Exploited Vulnerabilities (KEVs) can be found on healthcare networks, while 23% of medical devices—including imaging devices, clinical IoT devices, …
IT leaders think immutable data storage is an insurance policy against ransomware
IT leaders consider immutable storage as a must-have in the fight against cyberattacks, according to Scality. Ransomware threats are now understood by organizations to be …
The effects of law enforcement takedowns on the ransomware landscape
While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of …
LastPass’ CIO vision for driving business strategy, innovation
Recently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. It was the perfect time …
Featured news
Resources
Don't miss
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged
- Using lightweight LLMs to cut incident response times and reduce hallucinations