Is Sandboxing Dead?
Organizations should start to evaluate other security measures to replace or complement the once-venerable security sandbox.
CISA orders federal agencies to fix hundreds of exploited security flaws
CISA has issued this year's first binding operational directive (BOD) ordering federal civilian agencies to mitigate security vulnerabilities exploited in the wild…
Cloud, Remote Work Will Change How IT Uses Vulnerability Scanners
Tenable added Raspberry Pi support to Nessus v10.0 to help security professionals conduct audits and assessments remotely.
Attackers Flaunt Remote Access Credentials, Threaten Supply Chain
Attackers advertise access to computers within shipping and logistics companies as the global supply chain struggles to meet post-COVID demands.
Dragos Launches ServiceNow’s OT Asset Discovery App
Integration with Dragos Platform will help joint customers to expand the visibility of ICS/OT assets.
Over 30,000 GitLab servers still unpatched against critical bug
A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments…
SaaS and Third-Party Risk: Is Your Organization Asking the Hard Questions?
An investment in due diligence might prevent your organization from being part of next week's breach news cycle.
Microsoft announces new endpoint security solution for SMBs
Microsoft today announced a new endpoint security solution dubbed Microsoft Defender for Business, specially built for small and medium-sized businesses. [...]
‘Trojan Source’ attack method can hide bugs into open-source code
Academic researchers have released details about a new attack method they call "Trojan Source" that allows injecting vulnerabilities into the…
Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks
A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to…