Managing Threats When Most of the Security Team Is Out of the Office
During holidays and slow weeks, teams thin out and attackers move in. Here are strategies to bridge gaps, stay vigilant, and…
OT/ICS Engineering Workstations Face Barrage of Fresh Malware
Cyberattacks against OT/ICS engineering workstations are widely underestimated, according to researchers who discovered malware designed to shut down Siemens workstation…
Fortinet Addresses Unpatched Critical RCE Vector
Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code…
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since…
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since…
Bridging the ‘Keyboard-to-Chair’ Gap With Identity Verification
Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability.
Vendors Chase Potential of Non-Human Identity Management
Non-human identities authenticate machine-to-machine communication. The big challenge now is to secure their elements and processes — before attackers can…
CISA Releases Draft of National Cyber Incident Response Plan
The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government…
India Sees Surge in API Attacks, Especially in Banking, Utilities
The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see…
Interpol: Can We Drop the Term ‘Pig Butchering’?
The agency asks the cybersecurity community to adopt "romance baiting" in place of dehumanizing language.