Half of all helpdesk tickets relate to UC&C issues
93% of enterprise-level organizations have increased their use of unified communications and collaboration (UC&C) platforms since the onset of the COVID-19 pandemic, a …
The Log4j saga: New vulnerabilities and attack vectors discovered
The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j …
How can AI be made more secure and trustworthy?
While we’re still debating whether and how long it will take to reach singularity and superintelligence, artificial intelligence is playing an increasingly important role in …
Zero trust isn’t just for IT, it can also protect targeted critical infrastructure
Gartner predicts that by 2025 cyber attackers will have weaponized OT environments to successfully harm or kill humans. Not only is a solution to secure OT assets imperative, …
How likely are employees to fall prey to a phishing attack?
22% of employees are likely to expose their organization to the risk of cyber attack via a successful phishing attempt, a Phished report reveals. Analysis of the broad and …
Shifting security further left: DevSecOps becoming SecDevOps
Veracode has revealed usage data that demonstrates cybersecurity is becoming more automated and componentized in line with modern software architectures and development …
GoTestWAF: Open-source project for evaluating web application security solutions
GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, etc. It was …
The cybersecurity executive order is not all it’s cracked up to be
Seventy-two percent of federal cybersecurity leaders say the White House’s May 2021 Cybersecurity Executive Order (EO) addresses only a fraction of today’s cybersecurity …
Not all domain registrars are created equal: Consumer-grade vs. enterprise-class
SecurityScorecard and CSC released comprehensive research detailing the impacts of an organization’s choice in domain registrar on their overall security ratings. The research …
Week in review: Log4Shell updates, Kronos ransomware attack, unused identities threat
Here’s an overview of some of last week’s most interesting news, articles and interviews: Log4Shell: A new fix, details of active attacks, and risk mitigation …
New infosec products of the week: December 17, 2021
Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, MetricStream, MobileSphere, Nerdio, Ping Identity, Pondurance, Syxsense, …
Want to assemble a cyber Dream Team? Look back at the ‘92 Olympics
A common question I often receive from organizational leaders is how to assemble the right team that can ensure their enterprise is positioned to effectively combat the …