Enterprises Are Sailing Into a Perfect Storm of Cloud Risk
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud…
When Patching Security Flaws, Smarter Trumps Faster
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring…
US Search for Vulnerabilities Drives 10x Increase in Bug Reports
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual…
Microsoft: Edge will mitigate ‘unforeseen active’ zero day bugs
Microsoft Edge has added a new feature to the Beta channel that will be able to mitigate future in-the-wild exploitation…
What Are DeFi Flash Loans & How To Prevent Flash Loan Attacks?
Flash loans, a type of uncollateralized lending, have gained in popularity, as well as bad press. Flash loan […] The…
Fighting Back Against Pegasus, Other Advanced Mobile Malware
Detecting infection traces from Pegasus and other APTs can be tricky, complicated by iOS and Android security features.
How to Protect Your Phone from Pegasus and Other APTs
The good news is that you can take steps to avoid advanced persistent threats. The bad news is that it…
Check If You Have to Worry About the Latest HTTP Protocol Stack Flaw
In this Tech Tip, SANS Institute’s Johannes Ullrich suggests using PowerShell to identify Windows systems affected by the newly disclosed…
Oxeye Introduce Open Source Payload Deobfuscation Tool
Ox4Shell exposes hidden payloads thatare actively being used to confuse security protection tools and security teams.
Patch Management Today: A Risk-Based Strategy to Defeat Cybercriminals
By combining risk-based vulnerability prioritization and automated patch intelligence, organizations can apply patches based on threat level. Part 2 of…