Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)
Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …
F5 BIG-IP vulnerabilities leveraged by attackers: What to do?
The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has …
MITRE ATT&CK v14 released
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. …
Cybersecurity workforce shortages: 67% report people deficits
The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest …
How human behavior research informs security strategies
In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human …
Cybersecurity habits and behaviors executives need to be aware of
Top executives — the employee group most targeted by threat actors — are frequently provided unfettered access to valuable data sources and networked assets, according to …
Public exposure of data breaches is becoming inevitable
Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of …
Product showcase: LayerX browser security extension
The browser has become the main workspace in modern organizations. It’s where employees create and interact with data, and how they access organizational and external SaaS and …
Ransomware attacks set to break records in 2023
Ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year (YoY), according to Corvus …
Mainframes are around to stay, it’s time to protect them
While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, …
The hidden costs of Java, and the impact of pricing changes
An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone …
Infosec products of the month: October 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, Arcitecta, AuditBoard, BackBox, Cloaked, ComplyCube, Darktrace, Data …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)