(IN)SECURE Magazine issue 70 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 70 has been released today. It’s a free …
Nessus 10 is out, with Raspberry Pi support
Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to deploy the …
A ransomware reality check for CISOs
The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of …
Rooting malware discovered on Google Play, Samsung Galaxy Store
Researchers have discovered 19 mobile apps carrying rooting malware on official and third-party Android app stores, including Google Play and Samsung Galaxy Store. …
Proven third-party risk management strategies
As cyber threats continue to plague enterprises and the third-party partners and suppliers they work with, organizations that have prioritized the development of a robust …
Mapping ATT&CK techniques to CVEs should make risk assessment easier
Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered …
How the rise in identity crimes and cyberattacks impacts small businesses
The Identity Theft Resource Center (ITRC) has published a report on the impacts of identity crimes and cyberattacks on small businesses. There are 42 million solopreneurs, …
Ransomware attacks increased 148% in Q3 2021, showing no sign of slowing
SonicWall recorded a 148% increase in global ransomware attacks through the third quarter (Q3) of 2021. With 470 million ransomware attacks logged by the company this year to …
While businesses are ramping up their risk mitigation efforts, they could be doing more
Zurich North America and Advisen have released a survey of corporate risk managers and insurance buyers revealing current views about information security and cyber risk …
Only 2% of IT practitioners are confident in their organization’s ability to reduce API security issues
Cloudentity announced a report conducted by PulseQA, revealing that in the last 12 months, at least 44% of respondents expressed substantial issues concerning privacy, data …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
Active Directory control: How adversaries score even bigger goals via attack paths
Microsoft Active Directory and Azure Active Directory are directory services products used for identity and access management at most major enterprises all over the world. All …
Featured news
Resources
Don't miss
- Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
- 18 arrested in €300 million global credit card fraud scheme
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform