XIoT vendors get serious about security, devote resources to protect cyber-physical systems
Cyber-physical system vulnerabilities disclosed in the second half (2H) of 2022 have declined by 14% since hitting a peak during 2H 2021, while vulnerabilities found by …
Helping users and organizations build an instinctive data privacy habit
Each year at the end of January, internet users are deluged with advice on how to keep their data protected and reclaim their online privacy. What started as Data Privacy Day …
High-risk users may be few, but the threat they pose is huge
High-risk users represent approximately 10% of the worker population and are found in every department and function of the organization, according to Elevate Security …
Challenging cost misconceptions in STEM education
Job seekers, students, and career changers around the world want to pursue roles related to science, technology, engineering, and mathematics (STEM) across different …
Combining identity and security strategies to mitigate risks
Last week, the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral resources to help organizations reduce the risk of a breach by combining …
Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)
The February 2023 Patch Tuesday is upon us, with Microsoft releasing patches for 75 CVE-numbered vulnerabilities, including three actively exploited zero-day flaws …
Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529)
Apple has released security updates that fix a WebKit zero-day vulnerability (CVE-2023-23529) that “may have been actively exploited.” The bug has been fixed in …
Malware that can do anything and everything is on the rise
“Swiss Army knife” malware – multi-purpose malware that can perform malicious actions across the cyber-kill chain and evade detection by security controls – is on …
Steps CISA should take in 2023
Recently, I was asked to imagine that I had been granted an hour with top officials at the Cybersecurity and Infrastructure Security Agency (CISA) – what advice would I …
Get hired in cybersecurity: Expert tips for job seekers
The dire shortage of information security experts has left organizations struggling to keep up with the growing demand for their skills. Still, getting a job in cybersecurity …
Actionable intelligence is the key to better security outcomes
Despite the widespread belief that understanding the cyber threat actors who could be targeting their organization is important, 79% of respondents stated that their …
Vulnerabilities open Korenix JetWave industrial networking devices to attack
Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use …
Featured news
Resources
Don't miss
- Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
- iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
- Unpacking the security complexity of no-code development platforms
- Researchers warn of ongoing Entra ID account takeover campaign
- LockBit panel data leak shows Chinese orgs among the most targeted