We looked past the obvious places—vendors and tools—and took a hard look at the small, recurring…
Category: Insights
13 Fragen gegen Drittanbieterrisiken
Welche Form von Zugriff das Team des Drittanbieters auf Kundensysteme und -daten hat und wie dieser…
The new paradigm for raising up secure software engineers
Emilio Pinna, director and co-founder of developer security training platform SecureFlag, says this represents a fundamental…
Hundreds of Ivanti EPM systems exposed online as critical flaw patched
Once the malicious JavaScript executes, attackers gain control of the admin session with full privileges to…
How can staff+ security engineers force-multiply their impact?
Staff+ engineers play a critical role in designing, scaling and influencing the security posture of an…
Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix
By taking advantage of this unexpected .NET behavior, the researcher found RCE issues in Barracuda Service…
Making cybercrime illegal won’t stop it; making cybersec research legal may
Her views were echoed by Dray Aghasenior manager of security operations atHuntress. “Organizations can support the…
Fortinet admins urged to update software to close FortiCloud SSO holes
In an advisoryFortinet notes that the FortiCloud SSO login feature is not enabled in default factory…
Combating the shortage of skilled workers with MXDR
By using MXDR, companies can expand their IT security team with experts and use their expertise.…
How to justify your security investments
Focus on future risks A board of directors is expected to focus not only on current…