APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)
Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. …
The two words you should never forget when you’re securing a cloud
When cloud providers sell their services, they know their customers are thinking about cybersecurity – that’s why providers tend to tout their impressive accreditations …
A robust security strategy starts with the hardware
Intel released the results of a study exploring how organizations approach security innovation in an increasingly digital world to stay ahead of the evolving threat landscape. …
The perils of SaaS misconfigurations
The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS …
Consumers feel data leakage is inevitable so many have stopped caring
Imperva releases findings from a global study on consumer perceptions of data privacy and trust in digital service providers. In an increasingly digital world, consumers feel …
2021 average ransoms paid by quarter was $167K, down 44.2%
In reviewing the evolving cyber risk landscape, a Corvus Insurance report includes a breakdown of the impact of zero-days and third-party risk, updates on ransom severity, …
Independent security audits are essential for cloud service providers. Here’s why
As more companies outsource IT infrastructure to third-party providers and adopt cloud-based collaboration tools, the need for partners that deliver strong protection and …
Product showcase: Enclave – using zero trust network access to simplify your networks
A huge number of Internet-accessible systems are protected by the principle of connect, then authenticate. This includes VPNs, web applications, databases, Windows Servers …
Cybersecurity is getting harder: More threats, more complexity, fewer people
Splunk and Enterprise Strategy Group released a global research report that examines the security issues facing the modern enterprise. More than 1,200 security leaders …
Lack of data readiness threatens digital transformation in healthcare
A majority of healthcare leaders have established digital transformation as a top priority spurred by the pandemic, yet they’re facing a chronic, underlying challenge that’s …
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do