State of Pentesting 2022 report: Interactive event and open discussion
In The State of Pentesting 2022 Report, Cobalt studied data from 2,380 pentests and surveyed 602 cybersecurity and software development professionals. The report focuses on …
4 steps for building an orchestrated authorization policy for zero trust
There is a great deal of emphasis placed on the zero-trust approach with respect to access. Looking beyond authentication (the act of verifying that someone is who they say …
The price of an accelerated digital transformation
F5 announced a report which shows the challenges organizations face as they transform IT infrastructures to deliver and secure digital services that have become inseparable …
Week in review: Attackers exploiting VMware RCE, Microsoft fixes actively exploited zero-day
Here’s an overview of some of last week’s most interesting news, articles and interviews: Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521) On …
Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy …
New infosec products of the week: April 15, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Axis Security, BigID, Finite State, oak9, OwnBackup, Palo Alto Networks, and Spin …
Confessions of a CTO
Chief technology officers (CTOs) are typically juggling the joint responsibility of maintaining the organization’s overarching technology infrastructure and enabling business …
Unmanaged and unsecured digital identities are driving rise in cybersecurity debt
A global report released by CyberArk shows that 79% of senior security professionals state that cybersecurity has taken a back seat in the last year in favor of accelerating …
Dark data is a pain point for many security leaders
BigID published a research report exploring today’s challenges organizations face with protecting their most valuable data. The study uncovered a number of critical findings: …
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)
Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. …
The two words you should never forget when you’re securing a cloud
When cloud providers sell their services, they know their customers are thinking about cybersecurity – that’s why providers tend to tout their impressive accreditations …
Featured news
Resources
Don't miss
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground
- Open source has a malware problem, and it’s getting worse
- Train smarter, respond faster: Close the skill gaps in your SOC