Phorpiex bots target remote access servers to deliver ransomware
Threat actors are brute-forcing their way into enterprise endpoints running server-side remote access applications and attempting to spread the GandCrab ransomware onto other …
Vulnerabilities and architectural considerations in industrial control systems
The reason SCADA security is so controversial stems primarily from the intense consequences that come from a compromise in this area. In this podcast, Andrew Ginter, VP of …
Connected car security is improving, researchers say
The automotive industry has apparently stepped up their game when it comes to improving connected car security. According to the latest IOActive report, which was compiled …
An investigation into how cyber ready businesses really are
The more cyber ready a business becomes, the better its overall business outcomes. Vodafone’s Cyber Ready Barometer notes 48% of cyber ready businesses are reporting more than …
Hackers are finding creative ways to target connected medical devices
Hackers are leveraging error messages from connected medical devices — including radiology, X-ray and other imaging systems — to gain valuable insights, according to Zingbox. …
Organizations apply stronger PKI security controls due to their increasingly critical role
The Internet of Things is the fastest growing trend driving the deployment of applications that use public key infrastructure as evidenced by the Thales 2018 Global PKI Trends …
Are communications service providers confident in open source networking solutions?
The Linux Foundation announced the results of an industry survey to gauge industry perceptions of open source across networking technologies. Top takeaways from the survey …
LoJax: First-ever UEFI rootkit detected in a cyberattack
ESET researchers have discovered a cyberattack that used a UEFI rootkit to establish a presence on the victims’ computers. Dubbed LoJax, this rootkit was part of a campaign …
Apple DEP vulnerability lets attackers access orgs’ resources, info
An authentication weakness in Apple’s Device Enrollment Program (DEP) may allow attackers to enroll any device into an organization’s Mobile Device Management …
The state of network security in organizations with 1000+ employees
Security team size at the largest organizations does not scale with the number of overall employees, but they are more likely to include staff with specialized roles, say the …
You should prepare for the next mega data breach
As of September 2018, it’s been one year since the historical Equifax mega data breach that impacted nearly half of all consumers in the U.S. Since this monumental invasion of …
Downloads of known vulnerable open source components increase 120%
Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around …
Featured news
Resources
Don't miss
- The many variants of the ClickFix social engineering tactic
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)
- How agentic AI and non-human identities are transforming cybersecurity
- Even the best safeguards can’t stop LLMs from being fooled
- Wave of tech layoffs leads to more job scams