Agents of disruption: Four testing topics argue the case for agentless security
Let me introduce myself. I’m a set of flaws in your otherwise perfect, agent-based security world. Like all disruptive agents, I derail your best-laid plans with expensive …
SSDP amplification attacks rose 639%
The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison …
Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution
A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to …
Microsoft launches Azure DevOps bug bounty program
Microsoft has launched yet another bug bounty program and is urging security researchers to look into the security of Azure DevOps, its cloud service for collaborating on code …
Beware the man in the cloud: How to protect against a new breed of cyberattack
One malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the …
Machine learning trumps AI for security analysts
Machine learning is currently one of the biggest buzzwords in cybersecurity and the tech industry in general, but the phrase is often overused and misapplied, leaving many …
Cybercrime could cost companies trillions over the next five years
Companies globally could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled …
Researchers analyze DDoS attacks as coordinated gang activities
In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit …
Week in review: SD-WAN deployment, security DevOps, a new taxonomy for SCADA attacks
Here’s an overview of some of last week’s most interesting news and articles: Compromised ad company serves Magecart skimming code to hundreds of websites The …
Most Facebook users aren’t aware that Facebook tracks their interests
Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their …
Mining malware evades agent-based cloud security solutions
Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining …
New infosec products of the week: January 18, 2019
XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for technical and business …
Featured news
Resources
Don't miss
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform