
TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switches
Armis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches. Collectively dubbed TLStorm …

CMS-based sites under attack: The latest threats and trends
Payment card skimmers are becoming more common in exploit kits affecting WordPress websites and attackers are spending more time customizing them to avoid detection, …

How to implement a best-in-class SASE architecture
To support cloud-enabled digital transformation strategies, a tighter integration of security and SD-WAN architectures are top of mind for many CIOs and CISOs. That also …

Password tips to keep your accounts safe
Uswitch.com conducted a consumer survey to find out how the UK chooses their passwords, how safe they are and how often they have been hacked. Writing passwords down on paper …

Google offers 50% higher bounties for bugs in Android 13 Beta
Google has released Android 13 Beta 1 and has sent out a call for bug hunters: Find bugs in it, and you’ll get a 50% bonus reward payout. They should hurry up, though: …

How to avoid security blind spots when logging and monitoring
Cybersecurity involves a balancing act between risk aversion and risk tolerance. Going too far to either extreme may increase cost and complexity, or worse: cause the …

Cybersecurity skills shortage: Could training, certifications and diversity be a solution?
Fortinet released a report which reveals that the cybersecurity skills shortage continues to have multiple challenges and repercussions for organizations, including the …

55% of people rely on their memory to manage passwords
Bitwarden announced the results of its global password management survey, in advance of World Password Day on May 5th, 2022. While receptive to the importance of security, …

Infosec products of the month: April 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Akamai, Alert Logic, Arcanna.ai, Axis Security, BigID, BreachBits, ColorTokens, …

Week in review: Quantum Locker ransomware, most exploited vulnerabilities in 2021
Here’s an overview of some of last week’s most interesting news, articles and interviews: Meteoric attack deploys Quantum ransomware in mere hours A group wielding the Quantum …

Critical vulnerabilities open Synology, QNAP NAS devices to attack
Users of Synology and QNAP network-attached storage (NAS) devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an …

New infosec products of the week: April 29, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Akamai, Alert Logic, BreachBits, Kudelski Security, ThreatX, and Workato. Alert …