Please turn on your JavaScript for this page to function normally.

News

identity theft
Don’t be fooled by a pretty icon, malicious apps hide in plain sight

Apps, whether for communication, productivity or gaming, are one of the biggest threats to mobile security, according to McAfee. The end of 2022 saw the release of some …

EU
Cyber resilience in focus: EU act to set strict standards

With the EU Cyber Resilience Act (CRA), the industry is dealing with one of the strictest regulatory requirements. Manufacturers, importers and even distributors of products …

cloud
Google Cloud Platform allows data exfiltration without a (forensic) trace

Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s …

DNS
DNS abuse: Advice for incident responders

What DNS abuse techniques are employed by cyber adversaries and which organizations can help incident responders and security teams detect, mitigate and prevent them? The DNS …

Burp Suite extensions
5 open source Burp Suite penetration testing extensions you should check out

When it comes to assessing the security of computer systems, penetration testing tools are critical for identifying vulnerabilities that attackers may exploit. Among these …

labyrinth
Covert cyberattacks on the rise as attackers shift tactics for maximum impact

2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 …

risk
Dormant accounts are a low-hanging fruit for attackers

Successful attacks on systems no longer require zero-day exploits, as attackers now focus on compromising identities through methods such as bypassing MFA, hijacking sessions, …

Infosec products of the month, February 2023
Infosec products of the month: February 2023

Here’s a look at the most interesting products from the past month, featuring releases from: Arkose Labs, Cequence Security, CyberGRX, CyberSaint, Deepwatch, DigiCert, Finite …

CIS Hardened Images
Visualize change with an out-of-the-box configuration report

Your technology is always changing, and you often end up playing catchup to secure it. This is difficult in the cloud when you share security responsibility with the cloud …

Cybellum podcast
The power of community participation with Faye Francy, Executive Director, Auto-ISAC

The old phrase “sharing is caring” is something that Faye Francy has seen revolutionize entire industries. From her years as a Boeing Commercial Airplanes Cybersecurity ONE …

LastPass
LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC

LastPass is, once again, telling customers about a security incident related to the August 2022 breach of its development environment and subsequent unauthorized access to the …

SaaS
Security teams have no control over risky SaaS-to-SaaS connections

Employees are providing hundreds to thousands of third-party apps with access to the two most dominant workspaces, Microsoft 365 and Google Workspace, according to Adaptive …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools