August 2019 Patch Tuesday: Microsoft plugs critical wormable RDP holes
It’s that time of the month again: Microsoft, Adobe and Intel have pushed out fixes for a bucketload of security issues in their various software. Microsoft’s …
The changing face of DDoS attacks: Degraded performance instead of total takedown
The number of DDoS attacks might be getting higher, but they are not all massive nor do they always trigger DDoS defenses. In fact, small-scale DDoS attacks are becoming more …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Link between personality type and vulnerabilities to cybercrime
Only four in 10 (42%) businesses focus on compliance training as part of their cybersecurity protocol to ensure sensitive data is kept secure, reports ESET. More worryingly, …
Help Net Security report: SecBI’s automated threat detection, response and hunting
SOCs constantly need tools to improve effectiveness, efficiency, and productivity. In surveying the market, Help Net Security evaluated SecBI’s solution for improvement …
Researchers discover 40+ insecure drivers for Windows
Spurred by several past instances of attackers abusing device drivers to install a kernel rootkit or malicious firmware implants, Eclypsium researchers have decided to probe …
SOC-as-a-Service promises threat protection in a world of scarce resources
Despite more than a few decades’ worth of technological advancement and millions of dollars’ worth of research, cyber threats continue to flourish. The situation has been …
Anomali discovers phishing campaign targeting Chinese government agencies
Anomali, a leader in intelligence-driven cybersecurity solutions, published at Black Hat USA 2019 its latest research report: Suspected BITTER APT Continues Targeting …
Nmap 7.80 released: A mature Npcap Windows packet capturing driver, 11 new NSE scripts
Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Pitfalls to avoid when improving your software development skills
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for …
Kubernetes security matures: Inside the project’s first audit
Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created …
Featured news
Resources
Don't miss
- Want fewer security fires to fight? Start with threat modeling
- Build a mobile hacking rig with a Pixel and Kali NetHunter
- Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
- Connectwise is rotating code signing certificates. What happened?
- Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)