Amazon Linux 2023: Create and execute cloud-based applications with enhanced security
AWS has been offering Amazon Linux, a cloud-optimized Linux distribution, since 2010. This distribution’s latest version is now available. Amazon Linux 2023 is provided …
Cyber attribution: Vigilance or distraction?
Cyber attribution is a process by which security analysts collect evidence, build timelines and attempt to piece together evidence in the wake of a cyberattack to identify the …
Navigating the future of digital identity
1,450 global consumers’ experiences with passwordless authentication, hybrid identities, and ownership over personally identifiable information reveal that they want …
Rushed cloud migrations result in escalating technical debt
While 93% of CIOs expect an increase in IT budgets for 2023, 83% of them are feeling pressured to stretch their budgets even further than before, with a focus on managing …
Virtual patching: Cut time to patch from 250 days to <1 day
Unpatched vulnerabilities are responsible for 60% of all data breaches. The Department of Homeland Security has estimated that the proportion of breaches stemming from …
How Mirel Sehic relies on simplicity to focus on product security
If you are developing a modern medical, manufacturing, or logistics facility, there’s no doubt that a large portion of your investment was made into the electronic aspects of …
Data loss prevention company hacked by Tick cyberespionage group
ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, …
Exfiltration malware takes center stage in cybersecurity concerns
While massive public data breaches rightfully raise alarms, the spike in malware designed to exfiltrate data directly from devices and browsers is a key contributor to …
Top 50 most impersonated brands by phishing URLs
Today, phishing is the fastest growing Internet crime, and a threat to both consumers and businesses. Finance, technology, and telecom brands were the most commonly …
Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice
There is a consensus among MSPs and MSSPs that vCISO services pose an excellent opportunity for a new revenue stream, but how do you successfully do that? Watch this panel …
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …
CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs
Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …
Featured news
Resources
Don't miss
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
- Acrobat Reader zero-day exploited in the wild for many months
- AI agent intent is a starting point, not a security strategy
- Asqav: Open-source SDK for AI agent governance
- BlueHammer: Windows zero-day exploit leaked