Cyber attribution: Vigilance or distraction?
Cyber attribution is a process by which security analysts collect evidence, build timelines and attempt to piece together evidence in the wake of a cyberattack to identify the …
Navigating the future of digital identity
1,450 global consumers’ experiences with passwordless authentication, hybrid identities, and ownership over personally identifiable information reveal that they want …
Rushed cloud migrations result in escalating technical debt
While 93% of CIOs expect an increase in IT budgets for 2023, 83% of them are feeling pressured to stretch their budgets even further than before, with a focus on managing …
Virtual patching: Cut time to patch from 250 days to <1 day
Unpatched vulnerabilities are responsible for 60% of all data breaches. The Department of Homeland Security has estimated that the proportion of breaches stemming from …
How Mirel Sehic relies on simplicity to focus on product security
If you are developing a modern medical, manufacturing, or logistics facility, there’s no doubt that a large portion of your investment was made into the electronic aspects of …
Data loss prevention company hacked by Tick cyberespionage group
ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, …
Exfiltration malware takes center stage in cybersecurity concerns
While massive public data breaches rightfully raise alarms, the spike in malware designed to exfiltrate data directly from devices and browsers is a key contributor to …
Top 50 most impersonated brands by phishing URLs
Today, phishing is the fastest growing Internet crime, and a threat to both consumers and businesses. Finance, technology, and telecom brands were the most commonly …
Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice
There is a consensus among MSPs and MSSPs that vCISO services pose an excellent opportunity for a new revenue stream, but how do you successfully do that? Watch this panel …
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …
CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs
Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …
Product showcase: Permit.io – Application-level permissions with a no-code UI
Managing user access in applications has always been a headache for any developer. Implementing policies and enforcing them can prove to be quite complex, and very …
Featured news
Resources
Don't miss
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites