Newsroom

A hand-picked curation of industry news and information, to keep you well informed on all things cyber security

Researchers uncovered a stealthy UEFI rootkit that's being used in highly targeted campaigns by a notorious Chinese cyberespionage group with suspected government ties. The group is known for using software supply-chain attacks in the past. Dubbed MoonBounce by researchers from Kaspersky Lab, the implant's goal is to inject a malicious driver into the Windows kernel during the booting stages, providing attackers with a high level...

Read More

With new threats disrupting business operations and an increasingly strict regulatory environment, security is no longer a risk mitigation activity or a growth inhibitor. Rather, information security is increasingly being viewed as strategic business enabler for the enterprise. That is evident in IDG's 2022 State of the CIO Survey, where IT leaders and line of business (LOB) executives were asked which technologies they expected to have...

Read More

Many organizations accelerated digital transformation in response to COVID-19 to remain resilient and competitive, with heavy investments in the cloud. This trend will continue well beyond the initial stages of the pandemic, with IDC's spending forecast on "whole cloud" services to surpass $1.3 trillion by 2025. Unfortunately, side effects from these expanded architectures include enhanced risk of shadow IT and unauthorized cloud access, as well as...

Read More

Should you beware of wearables? Here’s what you should know about the potential security and privacy risks of your smartwatch or fitness tracker. Smartwatches, fitness trackers and other wearables are fast becoming almost as familiar to us as our mobile phones and tablets. These connected gadgets do much more than tell the time. They track our health, display our emails, control our smart homes and can...

Read More

Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases as part of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification called private network...

Read More

There are three major players when it comes to patch management: security analysts, IT professionals, and attackers. And unfortunately, there is usually a lot of friction between the security and IT teams, preventing them from successfully defending against the attackers. This leads to an asymmetric threat where an attacker only needs to know one weakness or vulnerability to be successful, while the defenders must know...

Read More
Cybersecurity Assessment Special Offer