Outsourcing security is the only solution for many smaller teams
Companies with small security teams continue to face a number of distinctive challenges that place these organizations at greater risk than larger enterprises, according to …
PayPal-themed phishing kit allows complete identity theft
Sometimes phishers are just after your username and password, but other times they are after every scrap of sensitive information they can extract from you. To do that, they …
The future of SOCs: Automation where it matters
Sophisticated attacks, remote work needs and rapidly changing technologies challenge organizations to manage IT security while containing costs and using overburdened staff. …
Businesses are adding more endpoints, but can’t manage them all
Most enterprises struggle to maintain visibility and control of their endpoint devices, leading to increased security breaches and impaired ability to ward off outside …
Conventional cybersecurity approaches are falling short
Traditional security approaches that rely on reactive, detect-and-respond measures and tedious manual processes can’t keep pace with the volume, variety, and velocity of …
Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor …
The weaponizing of smartphone location data on the battlefield
For soldiers on the battlefield, the act of turning on one’s smartphone has been described as the digital equivalent of lighting a cigarette, as doing so creates a signal …
The enemy of vulnerability management? Unrealistic expectations
Organizations vary by size, industry, level of maturity, but one thing that they all have in common is needing to know how to quickly remediate security vulnerabilities. As an …
Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …
Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from from Ben-Gurion University of the Negev and Tel Aviv …
Are your site’s tracking technologies breaking the law?
Two irresistible yet conflicting forces are creating a real risk for businesses that operate on the web, which is every business that exists in 2022. Those forces are tracking …
Product showcase: ImmuniWeb Neuron, DAST with a zero false positives SLA
Few organizations can afford regular penetration testing of their numerous web applications, APIs and microservices. Instead, they usually leverage a fully automated web …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)