Why SAP systems need to be brought into the cybersecurity fold
SAP’s status as a leading business process management software provider is undeniable. Today, the company serves over 230 million cloud users and 99 of the top 100 companies …
As the cost of cyber insurance rises, the number of organizations who can’t afford it is set to double
The number of organizations that will be either unable to afford cyber insurance, be declined cover, or experience significant coverage limitations is set to double in 2023, …
Identity is the killer context: 4 ways to stay in control
The COVID-19 pandemic sounded the death knell for the traditional perimeter. Work is now an activity, not a place, meaning the concept of an encircling wall of security is as …
36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking …
Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively …
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Packaged apps to set up test labs The …
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using …
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …
Twilio confirms data breach after its employees got phished
Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some …
Understanding your attack surface is key to recognizing what you are defending
In this interview with Help Net Security, Marc Castejon, CEO at Silent Breach, discusses what organizations should be worried about at the moment, and what technologies they …
5 key things we learned from CISOs of smaller enterprises survey
As business begins its return to normalcy (however “normal” may look), CISOs at small and medium-size enterprises (500 – 10,000 employees) were asked to share their …
Cyberattacks on healthcare organizations negatively impact patient care
Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)