Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
MITRE shares 2024’s top 25 most dangerous software weaknesses
MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000…
Data Breaches are a Dime a Dozen: It’s Time for a New Cybersecurity Paradigm
Data breaches have accelerated quickly in 2024. Google ‘data breach’ and you’re in for a whirlwind of high-profile names scattered…
Spotlight on Dashlane
Dashlane is the leading enterprise credential manager that secures access and proactively protects against breaches. In an era where painfully…
Empowering Security Through Timely Nudges: Harnessing Behavioral Science for Real-Time Interventions
Picture this: your colleague’s about to click a link that you know is dodgy. You see it happening from the…
China’s ‘Evasive Panda’ APT Debuts High-End Cloud Hijacking
A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info…
Detection Engineering in Post SIEM and SOAR World
A few years back, my security team was tasked to create and maintain a green field environment for FEDRAMP compliance.…
Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform
Sophos CEO Joe Levy says $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis…
The Imperative of Penetration Testing AI Systems
In the modern era of technological advancement, artificial intelligence (AI) is revolutionizing business operations, presenting unparalleled opportunities for efficiency and…
Russia’s APT29 Mimics AWS Domains to Steal Windows Credentials
Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.