Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy …
New infosec products of the week: April 15, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Axis Security, BigID, Finite State, oak9, OwnBackup, Palo Alto Networks, and Spin …
Confessions of a CTO
Chief technology officers (CTOs) are typically juggling the joint responsibility of maintaining the organization’s overarching technology infrastructure and enabling business …
Unmanaged and unsecured digital identities are driving rise in cybersecurity debt
A global report released by CyberArk shows that 79% of senior security professionals state that cybersecurity has taken a back seat in the last year in favor of accelerating …
Dark data is a pain point for many security leaders
BigID published a research report exploring today’s challenges organizations face with protecting their most valuable data. The study uncovered a number of critical findings: …
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)
Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. …
The two words you should never forget when you’re securing a cloud
When cloud providers sell their services, they know their customers are thinking about cybersecurity – that’s why providers tend to tout their impressive accreditations …
A robust security strategy starts with the hardware
Intel released the results of a study exploring how organizations approach security innovation in an increasingly digital world to stay ahead of the evolving threat landscape. …
The perils of SaaS misconfigurations
The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS …
Consumers feel data leakage is inevitable so many have stopped caring
Imperva releases findings from a global study on consumer perceptions of data privacy and trust in digital service providers. In an increasingly digital world, consumers feel …
2021 average ransoms paid by quarter was $167K, down 44.2%
In reviewing the evolving cyber risk landscape, a Corvus Insurance report includes a breakdown of the impact of zero-days and third-party risk, updates on ransom severity, …
Featured news
Resources
Don't miss
- How nations build and defend their cyberspace capabilities
- Uncovering the risks of unmanaged identities
- Deepfakes, fraud, and the fight for trust online
- Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI
- Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military