A major security vulnerability in the open source PrestaShop software is being exploited in the wild and approximately 300,000 merchant shops are at risk. [Read More]
A study of the evolution of cybercrime suggests the threat will only get worse as financially motivated malware gangs start to mimic the operations of legitimate businesses. [Read More]
Apple's security response team has pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS and iPadOS platforms. [Read More]
Prominent cybersecurity executive Katie Moussouris is calling on the U.S. government to resist the urge to match China’s reported mandates around early vulnerability disclosure directly to the government. [Read More]
Microsoft issues an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system. [Read More]
The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony’s Horizon Bridge, according to new data and research from Elliptic. [Read More]
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. [Read More]
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
A multi-layered breach detection and recovery plan is a must to protect your organization, making the difference between a catastrophic breach that devastates your business and a breach that’s quickly contained and terminated.
There’s no one size fits all disaster survival plan: a server compromise is vastly different than full scale nuclear attack, and both require situationally appropriate responses.
What can we glean from "Superstorm" Sandy that will help us deal with security events as disruptive in nature as Super Storm Sandy? Do we need a strategic shift in how we respond to incidents? What are key security observations from this storm?
In the security and privacy world, 2012 is turning out to be the year for Internet security bills. But why now and why so many Internet protection bills suddenly coming up in Congress?
The Amazon Web Services Cloud Outage showed the world that the cloud — while great — does not absolve companies from taking fundamental precautions to safeguard their systems online.