Hijacking of popular ctx and phpass packages reveals open source security gaps
The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …
Review: Hornetsecurity 365 Total Protection Enterprise Backup
Hornetsecurity 365 Total Protection Enterprise Backup is a cloud-based data protection and security solution that provides protection against spam, malware, and other advanced …
Why are current cybersecurity incident response efforts failing?
Business-critical applications, such as enterprise resource planning (ERP) systems provided by SAP and Oracle, are considered the crown jewels of the enterprise. These assets …
Most organizations do not follow data backup best practices
Apricorn announced new findings from a survey, which revealed that while the majority organizations have data backup plans in place, data for many are at risk. Nearly 400 …
How confident are companies in managing their current threat exposure?
Crossword Cybersecurity has released a report based on the findings of a survey of over 200 CISOs and senior UK cyber security professionals. The paper reveals companies are …
Verizon 2022 DBIR: External attacks and ransomware reign
There has been an alarming rise (13%) in ransomware breaches – a jump greater than the past 5 years combined, Verizon Business has revealed in its 2022 Data Breach …
Where is attack surface management headed?
Reactive cyber defense is a losing strategy. It’s something that’s been tolerated for many decades, but isn’t it more cost-effective, better for the brand, and more optimal to …
Elevation of Privilege is the #1 Microsoft vulnerability category
BeyondTrust announced the release of a report which includes the latest annual breakdown of Microsoft vulnerabilities by category and product, as well as a six-year trend …
Can we trust the cybersecurity of the energy sector?
A research published by DNV reveals that energy executives anticipate life, property, and environment-compromising cyberattacks on the sector within the next two years. The …
Keeping pace with emerging threats: The roundup
Egress issued its mid-year 2022 threat report offering details of emerging threats along with insights about protecting employees, customers, and businesses from these …
Account pre-hijacking attacks possible on many online services
Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on …
RansomHouse: Bug bounty hunters gone rogue?
A new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their …
Featured news
Resources
Don't miss
- Product showcase: Secure digital and physical access with the Swissbit iShield Key 2
- Trojanized KeePass opens doors for ransomware attackers
- Closing security gaps in multi-cloud and SaaS environments
- Containers are just processes: The illusion of namespace security
- Why legal must lead on AI governance before it’s too late