Phishers bypass Microsoft 365 security controls by spoofing Microsoft.com
A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by …
2020 to reach vulnerability disclosure levels similar to those in 2019
The number of vulnerability disclosures is back on track to reach or bypass 2019 as we head into 2021, according to Risk Based Security. The team aggregated 17,129 …
Researchers expose the stress levels of workers at different job positions
A Unify Square survey unveils key perspectives of enterprise employees on workplace collaboration and communication in the midst of the global pandemic. Findings highlight …
Unsophisticated fraud attacks increase, first-time fraudsters more prevalent
The risk of identity fraud has increased significantly with attacks occurring more frequently since the start of the pandemic, Onfido reveals. Over the past 12 months, the …
FireEye breach: State-sponsored attackers stole hacking tools
U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company’s RedTeam tools, FireEye CEO Kevin Mandia has disclosed on Tuesday. …
How Kali Linux creators plan to handle the future of penetration testing
Offensive Security might best known as the company behind Kali Linux, the popular (and free) open-source pen testing platform, but its contribution to the information security …
Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack
Forescout researchers have discovered 33 vulnerabilities affecting four open source TCP/IP (communications) stacks used in millions of connected devices worldwide. …
Open source contributors spending no time on security
The Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) announced the release of a report which details …
Industrial pros looking for a more focused approach to digital transformation
A highly focused approach to digital transformation is challenging the traditional top-down, all-or-nothing strategy, according to a report from Plutoshift. The findings …
Rising physical threats putting leaders under pressure
Physical threats are rising and increasingly unmanageable, putting unprecedented financial, reputational and liability pressures on business leadership and security teams, …
A light December 2020 Patch Tuesday for a no-stress end of the year
On this December 2020 Patch Tuesday: Microsoft has plugged 58 CVEs Adobe has delivered security updates for Lightroom, Experience Manager, and Prelude, and has announced that …
D-Link routers vulnerable to remotely exploitable root command injection flaw
The Digital Defense Vulnerability Research Team uncovered a previously undisclosed vulnerability affecting D-Link VPN routers. D-Link DSR-150, DSR-250, DSR-500 and DSR-1000AC …
Featured news
Resources
Don't miss
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform
- Connected homes: Is bystander privacy anyone’s responsibility?
- Google says 2026 will be the year AI supercharges cybercrime