CISOs: unsupported, unheard, and invisible
A study conducted among CISOs worldwide from various industries sheds light on their strategies amid a challenging threat environment, identifies obstacles from business …
New coercive tactics used to extort ransomware payments
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide, industry agnostic threat, according to GuidePoint …
Corporate boards pressure CISOs to step up risk mitigation efforts
While those working in InfoSec and GRC have high levels of confidence in their cyber/IT risk management systems, persistent problems may be making them less effective than …
Most SaaS adopters exposed to browser-borne attacks
Even though the adoption of SaaS apps started more than ten years ago, CISOs are still finding it challenging to tackle the accumulated security debt. Significant deficiencies …
Google adds new risk assessment tool for Chrome extensions
Google has made available a new tool for Google Workspace admins and security teams to make an assessment of the risk different Chrome extensions may present to their users: …
Attackers are logging in instead of breaking in
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos. The data, analyzed from more than 150 Sophos Incident Response (IR) cases, …
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)
An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …
AI tools help attackers develop sophisticated phishing campaigns
Phishing scams are a growing threat, and cybercriminals’ methods are becoming increasingly sophisticated, making them harder to detect and block, according to Zscaler report. …
Rethinking the effectiveness of current authentication initiatives
As user credentials continue to be a top vector for cyberattacks, organizations are under tremendous pressure to rethink the effectiveness of current authentication …
The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …
Organizations are stepping up their game against cyber threats
Global median dwell time drops to just over two weeks, reflecting the essential role partnerships and the exchange of information play in building a more resilient …
3CX breach linked to previous supply chain compromise
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …
Featured news
Resources
Don't miss
- EU launches EU-based, privacy-focused DNS resolution service
- Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
- Balancing cybersecurity and client experience for high-net-worth clients
- CISOs, are you ready for cyber threats in biotech?
- fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic