AT&T sued for enabling SIM swap fraud
A cryptocurrency investor is suing AT&T because criminals were able to empty his accounts through SIM swap fraud (aka account port out fraud), even though he had already …
Google offers rewards for techniques that bypass their abuse, fraud, and spam systems
Google is expanding its vulnerability reward program again: the company wants to be notified about techniques that allow third parties to successfully bypass their abuse, …
2.6 billion records exposed in 2,300 disclosed breaches so far this year
Risk Based Security released its Mid-Year 2018 Data Breach QuickView report, showing there have been 2,308 publicly disclosed data compromise events through June 30th. After a …
Cloud computing remains top emerging business risk
Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner. In Gartner’s latest quarterly …
eBook: Windows PowerShell Scripting Tutorial
This promotion has ended. This PowerShell tutorial opens with an introduction to PowerShell scripting basics. It guides you through various topics, starting with launching …
Networking vendors patch against new cryptographic attack
Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, …
Chaos and confusion reign with existing firewall infrastructure
Many organizations are still struggling to master basic firewall hygiene, promising increased complexity and risk associated with network security policy management for those …
August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days
In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has …
DDoS attackers increasingly strike outside of normal business hours
DDoS attack volumes have increased by 50% to an average of 3.3 Gbps during May, June and July 2018, compared to 2.2 Gbps during the previous quarter, according to Link11. …
New Office 365 phishing attack uses malicious links in SharePoint documents
Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in …
PSD2 SCA requirements will be implemented soon, are you ready?
As the second Payment Services Directive continues its rollout, regulations making it obligatory for organisations to implement strong customer authentication (SCA) in online …
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
Featured news
Resources
Don't miss
- How agentic AI and non-human identities are transforming cybersecurity
- Even the best safeguards can’t stop LLMs from being fooled
- Wave of tech layoffs leads to more job scams
- PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
- Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)