Supply chain vulnerability allows attackers to manipulate SAP transport system
A supply chain vulnerability in the SAP transport system that allows attackers to infiltrate the change management or software deployment process has been identified by...
The 2021 Threat Landscape Retrospective: Targeting the Vulnerabilities that Matter Most
A review of the year in vulnerabilities and breaches, with insights to help guide cybersecurity strategy in 2022 and beyond. “We do not learn from...
The Prometheus traffic direction system is a major player in malware distribution
Cybercrime is fueled by a complex ecosystem of criminal groups that specialize on different pieces of the final attack chains experienced by victims. There are...
Are Fake COVID Testing Sites Harvesting Data?
Over the past few weeks, I’ve seen a bunch of writing about what seems to be fake COVID-19 testing sites. They take your name and...
Exploring influences on SSC grades for insurance companies
This blog was written by an independent guest blogger. There are more online stores and services available than ever, and you are able to shop...
How chaos engineering can help DevSecOps teams find vulnerabilities
The words “chaos” and “engineering” aren’t usually found together. After all, good engineers keep chaos at bay. Yet lately software developers are deploying what they...
Russian cyberattacks on Ukraine raise IT security concerns
This past week has seen an inundation of notifications concerning Russia’s overt and covert efforts to set “their” stage to provide it with a pretext...
Microsoft’s Pluton security processor tackles hardware, firmware vulnerabilities
While this year’s Consumer Electronics Show was impacted by COVID, it didn’t stop Lenovo from announcing the first Microsoft Pluton-powered Windows 11 PCs. First announced...
Nine-year-old kids are launching DDoS attacks against schools
Britain's computer crime cops are targeting youngsters as young as nine years old in an attempt to dissuade them from embarking on a life of...
CIS Risk Assessment Method (RAM) v2.1 for CIS Controls v8
CIS recently released the CIS Risk Assessment Method (RAM) v2.1, a risk assessment method designed to help enterprises justify investments for implementing the CIS Critical...
