CampusCoin Student Feed Aggregator

+ Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!—More organizations hit by ransomware gangs are starting to realize that it doesn’t pay to pay up: “In Q1 2024, the proportion of victims t...

+ LastPass users targeted by vishing attackers—The CryptoChameleon phishing kit is being leveraged by vishing attackers looking to trick LastPass users into sharing their master password. “In...

+ Protobom: Open-source software supply chain tool—Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communi...

+ The key pillars of domain security—From branded emails and marketing campaigns to critical protocols, internal portals, and internet traffic, domains are central to digital enterprise o...

+ 51% of enterprises experienced a breach despite large security stacks—Threat actors are continuing to successfully breach across the entire attack surface and the stakes are only getting higher: 93% of enterprises who ad...

+ New infosec products of the week: April 19, 2024—Here’s a look at the most interesting products from the past week, featuring releases from IDnow, Immuta, Privacera, Redgate, ShadowDragon, and Tanium...

+ Gurucul federated search provides insights into data that is not centralized—Gurucul announced enhancements to its federated search capabilities. Gurucul federated search empowers users to run queries from a single console acro...

+ AuditBoard expands executive team to support the next phase of growth—AuditBoard announced it has brought on public SaaS company veteran Jeff Harper as Chief Human Resources Officer (CHRO) to help scale the organization ...

+ Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)—The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vul...

+ Immuta launches Domains policy enforcement to improve security and governance for data owners—Immuta launched Domains policy enforcement, a new capability in the Immuta Data Security Platform that provides additional controls for data owners to...

+ Redgate Monitor Enterprise prevents unauthorized access to sensitive information—Redgate has launched an enterprise version of its popular database monitoring tool, providing a range of new features to address the challenges of sca...

+ SAS unveils products and services to help customers embrace AI—SAS is launching new AI products and services to improve AI governance and support model trust and transparency. Model cards and new AI Governance Adv...

+ Armis acquires Silk Security for $150 million—Armis has acquired Silk Security for a total of $15 million and will integrate the Silk Platform into the Armis Centrix AI-based Vulnerability Priorit...

+ Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation—While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices...

+ Thinking outside the code: How the hacker mindset drives innovation—Keren Elazari is an internationally recognized security analyst, author, and researcher. Since 2000, Keren has worked with leading Israeli security fi...

+ Cybersecurity jobs available right now: April 17, 2024—Client Security Officer Unisys | USA | Remote – View job details The Client Security Officer (CSO) is part of Unisys account managemen...

+ Damn Vulnerable RESTaurant: Open-source API service designed for learning—Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code throug...

+ Understanding next-level cyber threats—In this Help Net Security video, Trevor Hilligoss, VP of SpyCloud Labs, discusses the 2024 SpyCloud Identity Exposure Report, an annual report examini...

+ IT and security professionals demand more workplace flexibility—The concept of Everywhere Work is now much broader, encompassing where, when, and how professionals get their work done — and flexibility has become a...

+ PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)—A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the “...

+ Cisco Duo provider breached, SMS MFA logs compromised—Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-facto...

+ Vercara UltraEdge offers protection against internet-based threats—Vercara launched UltraEdge, a comprehensive edge platform that includes an innovative Content Delivery Network (CDN), integrated application security,...

+ Tanium Automate reduces manual processes for repeatable tasks—Alongside Tanium Guardian and its partnership with Microsoft Copilot for Security, Tanium Automate serves as another critical component in support of ...

+ New open-source project takeover attacks spotted, stymied—The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the ...

+ GuidePoint Security introduces IoT Security Assessment—GuidePoint Security announced its IoT Security Assessment, a new cybersecurity service. GuidePoint Security’s team of IoT security and embedded system...

+ Sectigo SCM Pro automates certificate management—Sectigo launched SCM Pro, a solution to bring the robustness of enterprise CLM to Small and midsize enterprises (SMEs), effectively leveling the playi...

+ IDnow VideoIdent Flex blends AI technology with human interaction—IDnow has unveiled VideoIdent Flex, a new version of its expert-led video verification service that blends advanced AI technology with human interacti...

+ 5 free red teaming resources to get you started—Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your org...

+ AI set to enhance cybersecurity roles, not replace them—In this Help Net Security interview, Caleb Sima, Chair of CSA AI Security Alliance, discusses how AI empowers security pros, emphasizing its role in e...

+ Audio deepfakes: What they are, and the risks they present—Audio deepfakes are becoming a big problem. Recent cybercriminal campaigns use voice cloning technology to replicate the speech tone and patterns of c...

+ 31% of women in tech consider switching roles over the next year—31% of women in tech are considering leaving their organization over the next 12 months due foremost to poor management, followed by a lack of trainin...

+ Privacera adds access control and data filtering functionality for Vector DB/RAG—Privacera announced the addition of new access control and fine-grained data filtering functionality for Vector DB/RAG to Privacera AI Governance (PAI...

+ A critical vulnerability in Delinea Secret Server allows auth bypass, admin access—Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allo...

+ eBook: Why CISSP?—As new cyber threats emerge daily in our connected world, there’s never been a greater urgency for cybersecurity professionals than now. What can CISS...

+ ShadowDragon Horizon enhancements help users conduct investigations from any device—ShadowDragon announced significant enhancements to its Open-Source Intelligence Investigative platform Horizon. These updates represent a milestone in...

+ How to protect IP surveillance cameras from Wi-Fi jamming—Gone are the days of criminals cutting camera wires to evade detection: with the proliferation of affordable internet-connected cameras, burglars must...

+ Geopolitical tensions escalate OT cyber attacks—In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attac...

+ Exposing the top cloud security threats—Many companies consider AI-powered threats to be the top cloud security threat to their business. Concerningly, less than half are confident in their ...

+ Zarf: Open-source continuous software delivery on disconnected networks—Zarf is a free, open-source tool that enables continuous software delivery on disconnected networks. It currently offers fully automated support for K...

+ Expand your library with these cybersecurity books—In this Help Net Security video round-up, authors discuss their cybersecurity books and provide an inside look at each title. Complete videos George F...

+ Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days—Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto Networks firewalls under attack, hotfixes ...

+ CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks—Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company’s firewalls has been e...

+ Check Point boosts security in Harmony Email & Collaboration—Check Point announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantin...

+ Zscaler extends zero trust SASE and eliminates the need for firewall-based segmentation—Zscaler has signed an agreement to acquire Airgap Networks. Combining Zscaler’s zero trust SD-WAN and Airgap Networks’ agentless segmentation technolo...

+ Cado Security teams up with Wiz to accelerate forensic investigations and minimize cloud threats—Cado Security has uveiled its partnership with Wiz and joins Wiz Integration (WIN) Platform. Cado Security enhances WIN by bringing the power of the C...

+ Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)—Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks’ firewalls, the company has warned, and urged ...

+ Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats—Palo Alto Networks announced a new milestone in how security operations centers (SOC) secure the cloud. The new innovations as part of Cortex XSIAM fo...

+ Strategies to cultivate collaboration between NetOps and SecOps—In this Help Net Security interview, Debby Briggs, CISO at Netscout, discusses breaking down silos between NetOps and SecOps. Practical steps include ...

+ The next wave of mobile threats—According to McAfee, apps, whether for communication, productivity, or gaming, are among the biggest threats to mobile security. Technavio expects the...

+ Why women struggle in the cybersecurity industry—The workplace experiences of women in cybersecurity are dramatically worse than men across virtually every category, according to a WiCyS and Aleria s...

+ New infosec products of the week: April 12, 2024—Here’s a look at the most interesting products from the past week, featuring releases from Akamai, Bitdefender, Siemens, Veriato, and Index Engines. S...

+ CISA warns about Sisense data breach—Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity...

+ Ivanti empowers IT and security teams with new solutions and enhancements—Ivanti released Ivanti Neurons for External Attack Surface management (EASM), which helps combat attack surface expansion with full visibility of exte...

+ Ransomware group maturity should influence ransom payment decision—Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, de...

+ Simbian raises $10 million to automate security operations with GenAI—Simbian emerged from stealth mode with oversubscribed $10 million seed funding to deliver on fully autonomous security. As a first step towards that g...

+ AppViewX CERT+ helps organizations identify and renew certificates before they expire—AppViewX announced new functionality in the AppViewX CERT+ certificate lifecycle management automation product that helps organizations prepare for Go...

+ Digimarc and DataTrails join forces to provide proof of digital content authenticity—Digimarc and DataTrails have partnered to deliver a fully integrated content protection solution to fortify digital content using advanced digital wat...

+ PVML raises $8 million to offer protection for enterprise data—PVML unveils its platform for secure AI-powered data access and $8 million in Seed funding led by NFX with participation from FJ Labs and Gefen Capita...

+ How Google’s 90-day TLS certificate validity proposal will affect enterprises—Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implem...

+ Leveraging AI for enhanced compliance and governance—In this Help Net Security interview, Dr. Joseph Sweeney, Advisor at IBRS, discusses the risks of integrating AI into information management systems. H...

+ Graylog: Open-source log management—Graylog is an open-source solution with centralized log management capabilities. It enables teams to collect, store, and analyze data to get answers t...

+ New covert SharePoint data exfiltration techniques revealed—Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ Sh...

+ Vultr Sovereign Cloud and Private Cloud delivers data control to nations and enterprises—Vultr launched Vultr Sovereign Cloud and Private Cloud in response to the increased importance of data sovereignty and the growing volumes of enterpri...

+ Malwarebytes Digital Footprint Portal offers insights into exposed passwords and personal data—Malwarebytes has launched Malwarebytes Digital Footprint Portal, a web portal that gives individuals deep visibility into their exposed personal infor...

+ Index Engines CyberSense 8.6 detects malicious activity—Index Engines announced the latest release of its CyberSense software, with version 8.6 delivering a revamped user interface to support smarter recove...

+ Eclypsium Automata discovers vulnerabilities in IT infrastructure—Eclypsium launches Automata, a new AI-assisted feature for its digital supply chain security platform. Available now, Automata is an automated binary ...

+ Concentric AI unveils employee offboarding risk monitoring and reporting module—Concentric AI announced its new employee offboarding risk monitoring and reporting module that delivers critical data detection and response capabilit...

+ Cohesity teams up with Intel to integrate confidential computing into Data Cloud Services—Cohesity has announced it is collaborating with Intel to bring Intel’s confidential computing capabilities to the Cohesity Data Cloud. Leveraged with ...

+ IT pros targeted with malicious Google ads for PuTTY, FileZilla—An ongoing malvertising campaign is targeting IT administrators looking to download system utilities such as PuTTY (a free SSH and Telnet client) and ...

+ NICE Actimize enhances Integrated Fraud Management platform to help financial services prevent scams—NICE Actimize announced IFM 11 (Integrated Fraud Management), a new release of its AI-driven fraud management and detection platform. The new release ...

+ Alethea raises $20 million to combat disinformation campaigns—Alethea announced the close of a $20 million Series B funding round led by GV, with participation from Ballistic Ventures, who led Alethea’s Ser...

+ AI risks under the auditor’s lens more than ever—According to a recent Gartner survey, widespread GenAI adoption has resulted in a scramble to provide audit coverage for potential risks arising from ...

+ Cybersecurity jobs available right now: April 10, 2024—Application Security Engineer HCLTech | Mexico | Remote – View job details As an Application Security Engineer, you will work on the s...

+ GSMA releases Mobile Threat Intelligence Framework—GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries ...

+ Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)—On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Micros...

+ LG smart TVs may be taken over by remote attackers—Bitdefender researchers have uncovered four vulnerabilities in webOS, the operating system running on LG smart TVs, which may offer attackers unrestri...

+ New Google Workspace feature prevents sensitive security changes if two admins don’t approve them—Google is rolling out multi-party approvals for Google Workspace customers with multiple super admin accounts, the company has announced. What does th...

+ ESET Small Business Security offers protection against online fraud, data theft and human error—ESET introduced ESET Small Business Security, which has been specifically designed to meet the cybersecurity needs of Small Office/Home Office busines...

+ Gurucul Data Optimizer provides control over real-time data transformation and routing—Gurucul launched Gurucul Data Optimizer, an intelligent data engine that allows organizations to optimize their data while reducing costs, typically b...

+ TufinMate accelerates network access troubleshooting—Tufin launched TufinMate, an AI assistant that helps organizations troubleshoot network access issues across hybrid and multi-vendor network environme...

+ Rocket DevOps simplifies compliance processes—Rocket Software is addressing the growing demand for integrated security, compliance, and automation in software development with its latest release o...

+ Sectigo appoints Jason Scott as CISO—Sectigo announced the newest member of its senior executive team with the appointment of Jason Scott as CISO. Jason will oversee all aspects of cybers...

+ Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure—Akamai launched Akamai Shield NS53, a product that protects on-premises (on-prem) Domain Name System (DNS) infrastructure from resource exhaustion att...

+ Darktrace ActiveAI Security Platform helps organizations shift focus to proactive cyber resilience—Darktrace has introduced the Darktrace ActiveAI Security Platform. The platform includes Darktrace’s existing security products supplemented by ...

+ New Latrodectus loader steps in for Qbot—New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same deve...

+ SINEC Security Guard identifies vulnerable production assets—Production facilities are increasingly the target of cyberattacks. Industrial companies are therefore required to identify and close potential vulnera...

+ Bitdefender Digital Identity Protection guards against web data leaks—Bitdefender has enhanced Bitdefender Digital Identity Protection, a service that monitors personal data in real-time by proactively scanning the inter...

+ Veriato introduces AI-driven predictive behavior analytics platform—Veriato released their next generation Insider Risk Management (IRM) solution. With organizations of all sizes facing a more complex cybersecurity env...

+ XZ Utils backdoor: Detection tools, scripts, rules—As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linu...

+ SymphonyAI unveils SensaAI for Sanctions to detect hidden risk in unstructured data—SymphonyAI announced SensaAI for Sanctions, a platform-agnostic “AI upgrade” for any sanctions solution. It impacts sanctions evasion efforts by optim...

+ 92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)—A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found....

+ April 2024 Patch Tuesday forecast: New and old from Microsoft—This month, we have a new product preview from Microsoft, and some older products are being prepared for end-of-support. But before we go there, March...

+ How can the energy sector bolster its resilience to ransomware attacks?—Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber ...

+ WiCyS: A champion for a more diverse cybersecurity workforce—In this Help Net Security interview, Lynn Dohm, Executive Director at Women in CyberSecurity (WiCyS), talks about how the organization supports its me...

+ How malicious email campaigns continue to slip through the cracks—In this Help Net Security video, Josh Bartolomie, VP of Global Threat Services at Cofense, discusses how email will remain a target as long as it rema...

+ Industrial sectors embrace zero trust for enhanced security—Organizations are leveraging zero trust to enhance the safety, security, and reliability of their enterprise across IT and OT environments, according ...

+ Threat actors are raising the bar for cyber attacks—From sophisticated nation-state-sponsored intrusions to opportunistic malware campaigns, cyber attacks manifest in various forms, targeting vulnerabil...

+ Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise—Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cyber attacks on critical infrastructure show advanc...

+ Trellix ZTS enables organizations to strengthen cyber resilience—Trellix announced the Trellix Zero Trust Strategy (ZTS) Solution, available immediately worldwide. Trellix ZTS is leveraging Trellix’s AI-powered XDR ...

+ Cybercriminal adoption of browser fingerprinting—Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. Whi...

+ Security pros are cautiously optimistic about AI—55% of organizations plan to adopt GenAI solutions within this year, signaling a substantial surge in GenAI integration, according to a Cloud Security...

+ 22% of employees admit to breaching company rules with GenAI—Disruptive technologies like AI are heightening the longstanding tension between organizational security and employee productivity, according to 1Pass...

+ How manual access reviews might be weakening your defenses—As businesses evolve, they often experience changes in roles, partnerships, and staff turnover. This dynamic can result in improper access to data and...

+ New infosec products of the week: April 5, 2024—Here’s a look at the most interesting products from the past week, featuring releases from Fastly, LogRhythm, Owl Cyber Defense Solutions, and TrueMed...

+ Omni Hotels suffer prolonged IT outage due to cyberattack—Texas-based Omni Hotels & Resorts has been responding to a cyberattack that started last Friday, which resulted in the unavailability of many of i...

+ NIST awards $3.6 million to address the cybersecurity workforce gap—The US Department of Commerce’s National Institute of Standards and Technology (NIST) has awarded cooperative agreements totaling nearly $3.6 million ...

+ Ivanti vows to transform its security operating model, reveals new vulnerabilities—Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), so...

+ Avast One Silver allows users to tailor their coverage based upon their personal preferences—Avast released a new product tier to the Avast One suite: Avast One Silver. The new offering takes a modular approach to cyber security, allowing peop...

+ Six steps for security and compliance in AI-enabled low-code/no-code development—AI is quickly transforming how individuals create their own apps, copilots, and automations. This is enabling organizations to improve output and incr...

+ Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning—Mantis is an open-source command-line framework that automates asset discovery, reconnaissance, and scanning. You input a top-level domain, and it ide...

+ Healthcare’s cyber resilience under siege as attacks multiply—In this Help Net Security interview, Eric Demers, CEO of Madaket Health, discusses prevalent cyber threats targeting healthcare organizations. He high...

+ Strengthening defenses against nation-state and for-profit cyber attacks—There is an urgent need to secure tactical, operational, and strategic critical assets from the edge to the core. In this Help Net Security video, Geo...

+ 76% of consumers don’t see themselves as cybercrime targets—67% of consumers across the globe are concerned about the security and privacy of AI, according to Bitdefender survey. AI uses personal data to feed i...

+ A “cascade” of errors let Chinese hackers into US government inboxes—Microsoft still doesn’t known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge auth...

+ Picus Security helps organizations reduce their threat exposure with AI-driven insights—Picus Security announced Picus Numi AI. As the latest innovation of the Picus Security Validation Platform, this generative AI security analyst empowe...

+ NVD: NIST is working on longer-term solutions—The recent conspicuous faltering of the National Vulnerability Database (NVD) is “based on a variety of factors, including an increase in softwa...

+ Bitwarden releases magic links API to improve passwordless user authentication—Bitwarden strengthened Bitwarden Passwordless.dev with the release of a magic links API. This offering empowers developers to incorporate passwordless...

+ Owl Talon 3 provides hardware-enforced, one-way data transfers—Owl Cyber Defense Solutions launched next generation of their flagship data diode software platform, Owl Talon 3. This new release represents the firs...

+ TrueMedia.org introduces deepfake detection tool—TrueMedia.org launched its deepfake detection technology for reporters, and other key audiences to use ahead of the 2024 U.S. elections. The free tool...

+ How Google plans to make stolen session cookies worthless for attackers—Google is working on a new security feature for Chrome called Device Bound Session Credentials (DBSC), meant to prevent attackers from using stolen se...

+ Location tracking and the battle for digital privacy—While some online privacy issues can be subtle and difficult to understand, location tracking is very simple – and very scary. Perhaps nothing reveals...

+ Cybersecurity jobs available right now: April 3, 2024—Cyber Security Manager Charterhouse Middle East | UAE | On-site – View job details The Cyber Security Manager will identify and addres...

+ Cyber attacks on critical infrastructure show advanced tactics and new capabilities—In this Help Net Security interview, Marty Edwards, Deputy CTO OT/IoT at Tenable, discusses the impact of geopolitical tensions on cyber attacks targe...

+ Human risk is the top cyber threat for IT teams—After another year rife with cybercrime, IT and cyber leaders are confronted with a new reality. AI and deepfakes can trick even the most well-trained...

+ Fortinet upgrades its real-time network security operating system—Fortinet announced the latest version of its FortiOS operating system and other major enhancements to the company’s cybersecurity platform, the Fortin...

+ Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic—Fastly introduced Fastly Bot Management to help organizations combat automated “bot” attacks at the edge and significantly reduce the risk of fraud, D...

+ AT&T data leaked: 73 million customers affected—AT&T has confirmed that the data set leaked on the dark web some two weeks ago does, indeed, contain “AT&T data-specific fields”. ...

+ LogRhythm Axon enhancements improve data management and operational efficiency—Recent global research reveals 61% of organizations still rely on manual and time-intensive methods for sharing security status updates. In response, ...

+ Veracode acquires Longbow Security to help organizations reduce application risk—Veracode announced the acquisition of Longbow Security, a pioneer in security risk management for cloud-native environments. The acquisition marks the...

+ What the ID of tomorrow may look like—Few joys remain untouched by the necessity of identity verification. With its ubiquitous presence, the call for heightened security, improved accessib...

+ Cloud Active Defense: Open-source cloud protection—Cloud Active Defense is an open-source solution that integrates decoys into cloud infrastructure. It creates a dilemma for attackers: risk attacking a...

+ Why AI forensics matters now—In this Help Net Security video, Sylvia Acevedo, who serves on the Boards of Qualcomm and Credo, discusses why companies should invest in forensic cap...

+ 73% brace for cybersecurity impact on business in the next year or two—Only 3% of organizations across the globe have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to...

+ 6 keys to navigating security and app development team tensions—There will always be a natural tension between cybersecurity teams and developers. After all, it’s the developer’s role to “develop....

+ How to design and deliver an effective cybersecurity exercise—Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation,...

+ Escalating malware tactics drive global cybercrime epidemic—Evasive, basic, and encrypted malware all increased in Q4 2023, fueling a rise in total malware, according to WatchGuard. Threat actors employ diverse...

+ Securing privacy in the face of expanding data volumes—One of the primary concerns regarding data privacy is the potential for breaches and unauthorized access. Whether it’s financial records, medica...

+ Infosec products of the month: March 2024—Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Cado Security, Che...

+ XZ Utils backdoor update: Which Linux distros are affected and what can you do?—The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled ...

+ Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk—Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Beware! Backdoor found in XZ utilities used by many ...

As of 4/19/24 9:27pm. Last new 4/19/24 8:49pm.  Score: 221