This year has seen the first significant update to ISO 27002 since 2013. These modifications reflect in Annex A’s security controls for organizations with ISO 27001 certification. ISO 27001 is a standard for ISMS (information security management systems) that...
Venafi, a company that makes artificial ID solutions, recently conducted a study to learn more about the effects of cloud complexities on cybersecurity. According to a poll conducted by Venafi among 1,101 security decision-makers (SDMs) at enterprises with over 1,000...
According to the security firm, a threat actor headquartered in China utilized tainted vSphere Installation Bundles to plant multiple backdoors in targeted computers. VMware published urgent new mitigation measures and advice for customers of its vSphere virtualized...
Phishers keep an eye on the news and use this knowledge to their advantage, as evidenced by the Capital One lures, which took advantage of the bank’s recently formed collaboration with Authentify. Capital One’s recent cooperation with Authentify has been...
Blog US Government Issues Guidance for Software Developers to Secure Software Supply Chain US Government Issues Guidance for Software Developers to Secure Software Supply Chain Enhancing the security of the software supply chain is just as important as ensuring that...
The Oklahoma Student Loan Authority (OSLA) and EdFinancial recently announced that over 2.5 million loanees were the victims of a severe data breach that has compromised their personal information. The target of the attack was a Lincoln, Nebraska-based web portal and...
Flaws in the authentication process mean compromised security for businesses that contract with major cloud providers for services, data storage, and protection. One of the most significant weaknesses in their armor occurs when customers are allowed to enter usernames...
Browsers restrict webpages from accessing various forms of user data, and the user retains their right to share information with a website. However, a recent discovery reveals that Google Chrome has a security flaw that allows websites to change data contained in the...
Two of the most popular open-source ventures have identified several weaknesses, Google and Apache. The vulnerabilities may be used to access various proprietary information stealthily and provide access to lateral movement in a firm. Moreover, the glitch may be used...
Cyberspace has enjoyed relative peace over the past few years due to a significant decline in ransomware attacks. This tranquility may be attributed to the combined efforts of several international intelligence agencies and various tech companies to eradicate...
Hackers use a zero-day vulnerability in Zimbra to inject a malicious payload onto vulnerable webmail servers using the PGP decryption exploit they ported during a recent Black Hat 2022 conference. To take control of the victim’s email account, the hacker would...
A Zeus variant that first surfaced in August 2016 called Zeppelin has resurfaced and is now being used to compromise Web servers to distribute its payload. The threat researchers at Forcepoint Security Labs said they first started seeing new Zeppelin malware samples...
