CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector
The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they …
CISOs can marry security and business success
With an endless string of cyber fires to be put out, it’s easy to forget that the cybersecurity function in an organization doesn’t exist in a vacuum. Its main purpose is to …
Open-source AV/EDR bypassing lab for training and learning
Best EDR Of The Market is a user-mode endpoint detection and response (EDR) project designed to serve as a testing ground for understanding and bypassing EDR’s user-mode …
Organizations rethink cybersecurity investments to meet NIS Directive requirements
Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% …
FreeBSD 14.0 released, OpenSSH and OpenSSL updated
FreeBSD 14.0 is now available for the amd64, aarch64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, and riscv64 architectures. FreeBSD provides sophisticated …
Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. …
The shifting sands of the war against cyber extortion
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware …
8 free AI and GenAI courses from AWS
Amazon’s AI Ready initiative aims to provide free AI skills training and education to 2 million people globally by 2025. “Artificial intelligence is the most …
PolarDNS: Open-source DNS server tailored for security evaluations
PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with …
Organizations’ serious commitment to software risk management pays off
There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated …
The hidden obstacles to integrating AI into your business
A mere 14% of organizations globally are fully prepared to deploy and leverage AI-powered technologies, according to Cisco. The report highlights companies’ preparedness …
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been …
Featured news
Resources
Don't miss
- Qantas data breach could affect 6 million customers
- Cybersecurity essentials for the future: From hype to what works
- How FinTechs are turning GRC into a strategic enabler
- Secretless Broker: Open-source tool connects apps securely without passwords or keys
- Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC