CISA urges orgs to patch actively exploited Windows SeriousSAM bug
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively…
Credential-Stuffing Attacks on Remote Windows Systems Took Off in 2021
Password-guessing became last year's weapon of choice, as attackers attempted to brute-force vulnerable Remote Desktop Protocol (RDP) servers, SQL databases,…
Hacking group ‘ModifiedElephant’ evaded discovery for a decade
Threat analysts have linked a decade of activity to an APT (advanced persistent threat) actor called 'ModifiedElephant', who has managed…
Canada’s trucker protests and history’s parallels
Could the truckers who iced Parliament Hill in Ottawa over vaccine and mask mandates also freeze Capitol Hill and Washington,…
Data Transparency Hasn’t Made Us Safer Yet. Can It Uncover Breach Causality?
Advanced machine learning models within an XDR framework could uncover what actually causes breaches, but first we need better data…
CISA warns admins to patch maximum severity SAP vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to patch a set of severe security flaws dubbed ICMAD (Internet…
Log4j and the Role of SBOMs in Reducing Software Security Risk
Enterprises are spending a pittance on securing their software supply chain, which makes COTS software dangerous — vulnerabilities can be…
Qualys Launches Context XDR
Qualys Context XDR provides the security context that operations teams need to eliminate false positives and noise by triangulating risk…
Salesforce DevOps Needs Guardrails
Some companies go too fast when it comes to SaaS, DevOps, and security, but smart developers and implementers will respect…
Log4j: Getting From Stopgap Remedies to Long-Term Solutions
This pervasive vulnerability will require continued care and attention to fully remediate and detect permutations. Here are some ways to…