
The enemy of vulnerability management? Unrealistic expectations
Organizations vary by size, industry, level of maturity, but one thing that they all have in common is needing to know how to quickly remediate security vulnerabilities. As an …

Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …

Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from Ben-Gurion University of the Negev and Tel Aviv …

Are your site’s tracking technologies breaking the law?
Two irresistible yet conflicting forces are creating a real risk for businesses that operate on the web, which is every business that exists in 2022. Those forces are tracking …

Product showcase: ImmuniWeb Neuron, DAST with a zero false positives SLA
Few organizations can afford regular penetration testing of their numerous web applications, APIs and microservices. Instead, they usually leverage a fully automated web …

Linode + Kali Linux: Added security for cloud instances
Kali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers. Getting …

BlackCat (aka ALPHV) ransomware is increasing stakes up to $2.5 million in demands
The notorious cybercriminal syndicate competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked …

Dealing with threats and preventing sensitive data loss
Recently, Normalyze, a data-first cloud security platform, came out of stealth with $22.2M in Series A funding. This was the perfect time to catch up with co-founder and CEO …

Nearly all governmental websites serve cookies or third-party trackers
In some countries up to 90% of governmental websites add third-party tracker cookies without users’ consent. This occurs even in countries with strict user privacy laws, …

Week in review: Quantum-resistant encryption, attackers using deepfakes, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Healthcare organizations targeted with Maui ransomware A less known …

Checkmate ransomware hits QNAP NAS devices
QNAP Systems is warning about Checkmate, a new piece of ransomware targeting users of its network-attached storage (NAS) appliances. “Preliminary investigation indicates …

July 2022 Patch Tuesday forecast: A summertime lull?
June 2022 Patch Tuesday wrapped up a few loose ends we were waiting on. The Follina remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) …