The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than...
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's...
The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than...
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's...
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17)
What do hijacked websites, fake job offers, and sneaky ransomware have in common? They're proof that cybercriminals are finding smarter, sneakier ways to exploit...
Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy
Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services...
Fake Discount Sites Exploit Black Friday to Hijack Shopper Information
A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal...
Beyond Compliance: The Advantage of Year-Round Network Pen Testing
IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here's the thing: hackers...
NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit
Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used...
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited,...
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting...
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of...