Advertisement
Latest News
Massive ransomware attack targets VMware ESXi servers worldwide
Cybersecurity agencies globally — including in Italy, France, the US and Singapore — have issued alerts about a ransomware attack targeting the VMware ESXi hypervisor.
Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition
The cybersecuirty insurer predicts that the 1,900 CVEs would include 270 high-severity and 155 critical-severity vulnerabilities. The predictions are based on data collected over the last ten years.
OPSWAT mobile hardware offers infrastructure security for the air gap
A new, tablet-sized media scanner boasts a wide range of capabilities for critical infrastructure defense.
Advertisement
Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group
NEPTUNIUM group claims access to the personal information of more than 200,000 Charlie Hebdo customers and uses sockpuppet accounts to taunt France’s cybersecurity sector.
Will your incident response team fight or freeze when a cyberattack hits?
CISOs train their teams to fight hackers but often overlook the human tendency to freeze up during a crisis. Planning for the psychology of incident response can help prevent a team from seizing up at the wrong moment.
Critical vulnerability patched in Jira Service Management Server and Data Center
Atlassian has issued fixed versions of the software and described a workaround to the flaw that could make access tokens available to attackers.
Remote code execution exploit chain available for VMware vRealize Log Insight
Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together.
NTT, Palo Alto partner for managed SASE with AIOps
Using a managed services provider to deliver SASE can streamline deployment and free up enterprise resources.
Foreign states already using ChatGPT maliciously, UK IT leaders believe
Most UK IT leaders are concerned about malicious use of ChatGPT as research shows how its capabilities can significantly enhance phishing and BEC scams.
APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Changing tactics by North Korean, Russian, and Chinese APT groups suggest that Western companies are at greater risk.
Advertisement
New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs
The OSC&R Framework aims to help security professionals better understand and measure software supply chain risk.
Misconfiguration and vulnerabilities biggest risks in cloud security: Report
About 87% of container images include a high or critical vulnerability, while 90% of granted permissions are not used, according to cybersecurity firm Sysdig.
Tech Nation to close as UK government pulls key funding
Tech Nation will cease operations after a decade of supporting and transforming the UK’s scaleup tech ecosystem through programmes including Tech Nation Cyber.
UK Cyber Security Council, ISACA partner for chartered Audit and Assurance pilot
ISACA will act as the UK Cyber Security Council’s awarding body for Audit and Assurance professional titles as a chartered standard for the UK cybersecurity sector edges closer.
US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy
Corporations (and their CISOs) that discover wrongdoing or corruption within their own business are well-advised to self-report such activities and cooperate with prosecutors. The stakes are high for those who don’t.
From Our Advertisers
-
Featured Sponsor IntelCompetitive Advantage with a Modern Data Center that Delivers Boundless Agility
-
Sponsored by Juniper NetworksThe Next Big Attack Vector: Your Supply Chain
-
Sponsored by CiscoWhy zero trust security is essential in the modern working environment