U.S. DOJ will no longer prosecute good-faith security researchers under CFAA
The U.S. Department of Justice announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA), which says that, among other …
VMware issues critical fixes, CISA orders federal agencies to act immediately (CVE-2022-22972)
VMware has released patches for a privately reported critical vulnerability (CVE-2022-22972) in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize …
Prioritize patching vulnerabilities associated with ransomware
A threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in …
46% of organizations still store passwords in shared documents
46% of IT, security, and cybersecurity leaders say they still store passwords in shared office documents. That’s despite an overwhelming 93% of respondents that require …
How do DevSecOps professionals feel about security becoming an around the clock job?
As breaches continue to rise, cybersecurity and development professionals are feeling the pressure to maintain their organizations’ security postures. Invicti Security …
US warns of North Korean hackers posing as IT freelancers
Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the US Department of …
5 critical questions to test your ransomware preparedness
I’m a pentester – that is, a professional penetration tester. Some call me an ethical hacker, a white hat, or red teamer. In the heat of the moment, I’ve been called much …
Popularity of online payment goes hand-in-hand with fraud
NICE Actimize has released a report that identifies and analyzes the leading fraud threats and patterns that impacted leading global financial institutions in 2021. Noting …
65% of IT help desk teams report unsustainable levels of stress
Over the past two years, IT departments have served on the business frontlines, helping organizations quickly implement digital transformation strategies to enable a fully …
Easily migrate to the cloud with CIS Hardened Images
CIS offers virtual images hardened in accordance with the CIS Benchmarks, a set of vendor agnostic, internationally recognized secure configuration guidelines. CIS Hardened …
BLE vulnerability may be exploited to unlock cars, smart locks, building doors, smartphones
A Bluetooth Low Energy (BLE) vulnerability discovered by NCC Group researchers may be used by attackers to unlock Teslas (or other cars with automotive keyless entry), …
Kali Linux 2022.2 released: Desktop enhancements, tweaks for the terminal, new tools, and more!
Offensive Security has released Kali Linux 2022.2, the latest version of its popular penetration testing and digital forensics platform. Cosmetic changes Kali Linux 2022.2 …
Featured news
Resources
Don't miss
- Why AI code assistants need a security reality check
- GPS tracker detection made easy with off-the-shelf hardware
- 91% noise: A look at what’s wrong with traditional SAST tools
- AWS launches new cloud security features
- Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)