Recent ransomware attacks share curiously similar tactics
A series of ransomware attacks made by different groups share curiously similar characteristics, according to Sophos. Sophos released new findings into the connections between …
Using creative recruitment strategies to tackle the cybersecurity skills shortage
With the increasing complexity of cyber threats and the global shortage of cybersecurity experts, organizations are looking for creative approaches to recruiting and retaining …
Data exfiltration is now the go-to cyber extortion strategy
The abuse of zero-day and one-day vulnerabilities in the past six months led to a 143% increase in victims when comparing Q1 2022 with Q1 2023, according to Akamai. Ransomware …
The ransomware rollercoaster continues as criminals advance their business models
Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to …
SandboxAQ launches open-source meta-library of cryptographic algorithms
SandboxAQ launched Sandwich, an open-source framework that simplifies modern cryptography management and enables developers to steer their organizations towards cryptographic …
August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ
August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for …
North Korean hackers breached Russian missile development firm
North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The …
Getting the best possible outcome in ransomware negotiation
Though typically seen as a final measure, 90% of participants from a BigID survey revealed that their company would contemplate paying a ransom if it meant they could recover …
Seasoned cyber pros are more complacent in their skills than junior staff
Average response time accelerated from 29 to 19 days, from 2021 to 2022, with lessons from Log4j and other high-profile vulnerabilities having a significant impact on urgency …
Managing human cyber risks matters now more than ever
As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become …
How to get started with ongoing configuration assessments
There’s an old adage in business: if you’re not measuring something, you can’t manage it. These days, information technology (IT) and information security …
Keystroke sounds can betray passwords
Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high …
Featured news
Resources
Don't miss
- Cerbos: Open-source, scalable authorization solution
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
- Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
- Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
- Product showcase: Go beyond VPNs and Tor with NymVPN