passwordless header

Legacy, password-based authentication systems are failing enterprise security, says study

Sixty percent of respondents hit by an authentication-related cyberattack in the last 12 months agreed that they could have avoided it with a passwordless system.

Wired brain illustration - next step to artificial intelligence

Microsoft announces generative AI Security Copilot

Microsoft’s new generative AI security system grafts GPT-4 into its security offerings for integrated analysis and responses.

cso security hacker breach privacy ransomware malware attack gettyimages 1216075693 by towfiqu aham

Hackers changed tactics, went cross-platform in 2022, says Trend Micro

Ransomware groups are adopting corporate structures, Microsoft macros are no longer an easy target, and the Rust programming language is making it easier to write multiplatform malware.


Insider threats  >  Employees suspiciously peering over cubicle walls

Data loss from insider events increase despite IRM programs, says study

Insider risks are difficult to detect, manage and mitigate and can easily evade lackluster, low-budget insider risk management programs with an inadequate training regime.

1798109056 decision making ciso soc

5 ways to tell you are not CISO material

Cybersecurity professionals looking at the top job have the technical skills to be come a CISO but may wonder if they have what it takes to lead a team while ensuring management and board support. Here are five ways to tell if you are...

major cyber attack global international cybersecurity

Office of the Director of National Intelligence highlights cyber threats in 2023 Intelligence Threat Assessment

CISOs everywhere should pay attention when ODNI outlines cybersecurity threats coming from nation-states and independent groups around the world.

businessman data risk metering management security

PwC UK partners with ReversingLabs to bring software supply chain security to third-party risk management

PwC UK, ReversingLabs partnership aims to operationalize detection and mitigation of security threats inherent in third-party software.

tracking cctv ai facial recognition camera zoom recognizes person surveillance scanning crowd peopl

Biden administration seeks to tamp down the spyware market with a new ban

The Biden administration issued an executive order to outlaw the federal government's use of commercial foreign spyware--with some caveats.

cybercrime cyber crime skull symbol project darknet dark web internet safety cyberattack theft viru

Researchers warn of two new variants of potent IcedID malware loader

The new IcedID variants are likely used for ransomware delivery, and researchers expect new variants to emerge.


Part of Twitter source code leaked on GitHub

Twitter has filed a case in the US District Court for the Northern District of California seeking GitHub to identify the person who shared the code.


social media users

France bans TikTok, all social media apps from government devices

French government says TikTok and all other “recreational apps” pose data security risks if installed on government and senior official devices.


Best practices for protecting AWS RDS and other cloud databases

The Relational Database Service from AWS can help streamline a host of cloud storage operations, but maintaining security requires some attention on the part of the user. Here are some best practices for using RDS.

Security threat [illustration]  >  A hacker with black hat, mask, and crowbar breaks into a laptop.

Critical flaw in WooCommerce can be used to compromise WordPress websites

The vulnerability could allow unauthenticated administrative takeover of websites. WooCommerce has released an update.

cybersecurity eye with binary face recognition abstract eye

Cyberpion rebrands as Ionix, offering new EASM visibility improvements

Ionix is adding a suite of new features to help extend the visibility of interconnected assets and deliver risk-based prioritization.

cybercrime cyber crime skull symbol project darknet dark web internet safety cyberattack theft viru

UK NCA infiltrates cybercrime marketplace via fake DDoS-for-hire sites

The UK’s National Crime Agency has been undertaking a sustained programme to disrupt and undermine criminal distributed denial of service activity.