Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Browser synchronization abuse: Bookmarks as a covert data exfiltration …
New infosec products of the week: August 5, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Claroty, Fortinet, Qualys, Scrut Automation, Sony, and VIPRE Security. Qualys …
Organizations grew to love Kubernetes: Usage in production is high
Kubernetes is delivering business value and is set to win an increasing share of production workloads, with almost all respondents to a Dimensional Research study saying they …
A third of organizations experience a ransomware attack once a week
Ransomware attacks show no sign of slowing. According to new research published by Menlo Security, a third of organizations experience a ransomware attack at least once a …
Universities are at risk of email-based impersonation attacks
Proofpoint released new research which found that the top universities in the United States, the United Kingdom and Australia are lagging on basic cybersecurity measures, …
Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in …
VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
VMware has released fixes for ten vulnerabilities, including CVE-2022-31656, an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and …
How to minimize your exposure to supply chain attacks
Supply chain attacks are on the rise, and many organizations seem unsure on how to respond to the threat, but I’m here to tell you that there are several steps you can take to …
87% of the ransomware found on the dark web has been delivered via malicious macros
Venafi announced the findings of a dark web investigation into ransomware spread via malicious macros. Conducted in partnership with criminal intelligence provider Forensic …
eBook: Privileged Access Management for Dummies
With so many recent high-profile breaches accomplished through the compromise of passwords on privileged accounts, it’s time all cybersecurity stakeholders got educated. This …
“ParseThru” vulnerability allows unauthorized access to cloud-native applications
A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native …
Browser synchronization abuse: Bookmarks as a covert data exfiltration channel
Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make …
Featured news
Resources
Don't miss
- LLMs can boost cybersecurity decisions, but not for everyone
- The unseen side of malware and how to find it
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!