“ParseThru” vulnerability allows unauthorized access to cloud-native applications
A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native …
Browser synchronization abuse: Bookmarks as a covert data exfiltration channel
Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make …
State of cybersecurity funding in the first half of 2022
As the stock market dropped more than 20% in 2022 and prices rise at the pump and grocery store, there are some markets that have shown their ability to weather the storm and …
Burnout and attrition impact tech teams sustaining modern digital systems
Digitalization and rising consumer expectations are having a major impact on the working conditions of the technology teams sustaining the digital operations that drive the …
Ransomware gangs are hitting roadblocks, but aren’t stopping (yet)
Ransomware attacks are in decline, according to reports by several cybersecurity companies. Why is that? More effort for less pay In its mid-year 2022 Cyber Threat Report, …
Cyberattack prevention is cost-effective, so why aren’t businesses investing to protect?
Cyberattacks like ransomware, BEC scams and data breaches are some of the key issues businesses are facing today, but despite the number of high-profile incidents, many …
The most impersonated brand in phishing attacks? Microsoft
Vade announced its H1 2022 Phishers’ Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks. Microsoft came in at #1 on the list, followed by …
Most companies are unprepared for CCPA and GDPR compliance
As of June 30, 2022, 91% of companies across all verticals, states, and business size that must comply with CCPA are still unprepared to meet CCPA requirements, according to …
Infosec products of the month: July 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Aqua Security, Cato Networks, CertiK, CoSoSys, CyberArk, Darktrace, …
Week in review: Attackers abandoning malicious macros, average data breach cost soars
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Israel’s new cyber-kinetic lab will boost the resilience of critical …
Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed. Threat actors are switching …
New infosec products of the week: July 29, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, NetApp, Rapid7, Runecast, and Teleport. Runecast announces new …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)