Avast found backdoor in US Federal Agency Network
Avast Threat Intelligence Team stated that it tried to notify the agency about the intrusion but didn’t receive any favorable response, which is why it decided to disclose its findings....
Read more
Cybersecurity
4 Ways Cybercriminals Exploit Remote Teams
Working from home (WFH) is not a piece of cake especially when cybercriminals exploited every possible vulnerability to break into your workstation. Cybercriminals are improving and refining their methods for...
Read more
The Log4j saga: New vulnerabilities and attack vectors discovered
The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j v2.15.0. There’s CVE-2021-45046, a DoS/RCE flaw...
Read more
How can AI be made more secure and trustworthy?
While we’re still debating whether and how long it will take to reach singularity and superintelligence, artificial intelligence is playing an increasingly important role in our everyday lives. Artificial intelligence...
Read more
Zero trust isn’t just for IT, it can also protect targeted critical infrastructure
Gartner predicts that by 2025 cyber attackers will have weaponized OT environments to successfully harm or kill humans. Not only is a solution to secure OT assets imperative, but it...
Read more
How likely are employees to fall prey to a phishing attack?
22% of employees are likely to expose their organization to the risk of cyber attack via a successful phishing attempt, a Phished report reveals. Analysis of the broad and diverse...
Read more
Shifting security further left: DevSecOps becoming SecDevOps
Veracode has revealed usage data that demonstrates cybersecurity is becoming more automated and componentized in line with modern software architectures and development practices. The analysis of 5,446,170 static scans and...
Read more
GoTestWAF: Open-source project for evaluating web application security solutions
GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, etc. It was designed to...
Read more
The cybersecurity executive order is not all it’s cracked up to be
Seventy-two percent of federal cybersecurity leaders say the White House’s May 2021 Cybersecurity Executive Order (EO) addresses only a fraction of today’s cybersecurity challenges, according to a study from MeriTalk....
Read more
Not all domain registrars are created equal: Consumer-grade vs. enterprise-class
SecurityScorecard and CSC released comprehensive research detailing the impacts of an organization’s choice in domain registrar on their overall security ratings. The research shows that companies that select enterprise-class registrars...
Read more