Detailed view of a computer motherboard showing its components. Generative AI

(Adobe Stock)

‘LogoFAIL’ vulnerabilities may affect 95% of computers, researchers say

Laura FrenchDecember 9, 2023

Hackers could bypass boot security to execute malicious code due to image parser flaws for hundreds of consumer and enterprise-grade devices.

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Malware

Trojan-proxy based on macOS piggybacks on cracked software

Steve ZurierDecember 8, 2023

Security researchers say the emergence of the macOS trojan-proxy shows that all operating systems are under attack as hackers don't discriminate.

Small gift boxes arranged on the laptop keyboard. Cybersecurity of online shopping.

Generative AI

AI drives holiday phishing scams, as well as email defenses

Laura FrenchDecember 8, 2023

Generative artificial intelligence tools intensify the phishing arms race this holiday season between hackers and inbox defenders.

Magnifying glass found the Russia map among computer binary code

Threat Intelligence

US, UK accuse Russia’s Callisto Group of cyber espionage, political interference

Simon HenderyDecember 8, 2023

The two governments announced sanctions and charges against members of the APT group linked to Russia’s FSB intelligence service.

Endpoint/Device Security

Critical Bluetooth flaw could take over Android, Apple, Linux devices

Steve ZurierDecember 7, 2023

The flaw is an authentication bypass that lets attackers connect susceptible devices and inject keystrokes to achieve code execution as the victim.

Ransomware

Apple-backed data breach report says 2.6 billion records leaked in 2 years

Laura FrenchDecember 7, 2023

Ransomware and third-party vendor attacks are key factors as breaches grow by 20% in 2023, according to MIT professor who conducted report on behalf of Apple.

Endpoint/Device Security

Sierra router vulnerabilities pose hacking risk for critical infrastructure

Laura FrenchDecember 6, 2023

More than 20 new vulnerabilities, including one critical vulnerability, enable denial-of-service attacks, remote code execution and more.

Leadership

Steve Katz dies; cybersecurity innovator known as ‘World’s First CISO’

Steve ZurierDecember 6, 2023

The former Citibank CISO was well-known as an industry pioneer and for mentoring cybersecurity talent in a most generous way.

Adobe Systems headquarters in Silicon Valley.

Patch/Configuration Management

Unpatched Adobe ColdFusion bug led to double breach of US federal agency

Simon HenderyDecember 6, 2023

Hackers gained initial access to the civilian agency two months after a mandatory deadline to patch the vulnerability had expired.

‘LogoFAIL’ vulnerabilities may affect 95% of computers, researchers say

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

QR-Code Phishing has multiplied: How detection helps security teams win

Why the United States has to rethink its critical infrastructure strategy

Embrace AI and stay competitive, or watch the business fall behind

Lessons from the New Jersey and New York healthcare cyber breaches

SolarWinds lawsuit by SEC puts CISOs in the hot seat

In Brief

Default end-to-end encryption introduced in Messenger

New 23andMe user terms seek to curb breach lawsuits

Aldo downplays LockBit attack claims

Major EDRs fail to flag novel process injection techniques

Microsoft DHCP could be leveraged for Active Directory DNS spoofing

More Resources

PCI DSS 4.0: What changes for AppSec?

Key questions to ask when evaluating an identity and access security vendor

Account-opening solutions offer strong returns on investment

7-hour recovery: How an American business beat ransomware

Chargeback protection market set for explosive growth

Trojan-proxy based on macOS piggybacks on cracked software

AI drives holiday phishing scams, as well as email defenses

US, UK accuse Russia’s Callisto Group of cyber espionage, political interference

Critical Bluetooth flaw could take over Android, Apple, Linux devices

Apple-backed data breach report says 2.6 billion records leaked in 2 years

Sierra router vulnerabilities pose hacking risk for critical infrastructure

Steve Katz dies; cybersecurity innovator known as ‘World’s First CISO’

Unpatched Adobe ColdFusion bug led to double breach of US federal agency

EVENTS

AI & automation: Redefining and revolutionizing cyber

Unveiling the Hidden Threat: Hybrid Attackers Leveraging Identities to Execute Ransomware

CISO Stories: Balancing IAM Cost, Security, and Experience

A CISOs Guide to Effective Security Practices in Cloud Computing Environments

Ransomware attack lessons, from MOVEit and Doubledrive to MGM/Caesars

Cybersecurity News, Awards, Webinars, eSummits, Research

‘LogoFAIL’ vulnerabilities may affect 95% of computers, researchers say

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

QR-Code Phishing has multiplied: How detection helps security teams win

Why the United States has to rethink its critical infrastructure strategy

Embrace AI and stay competitive, or watch the business fall behind

Lessons from the New Jersey and New York healthcare cyber breaches

SolarWinds lawsuit by SEC puts CISOs in the hot seat

In Brief

Default end-to-end encryption introduced in Messenger

New 23andMe user terms seek to curb breach lawsuits

Aldo downplays LockBit attack claims

Major EDRs fail to flag novel process injection techniques

Microsoft DHCP could be leveraged for Active Directory DNS spoofing

More Resources

PCI DSS 4.0: What changes for AppSec?

Key questions to ask when evaluating an identity and access security vendor

Account-opening solutions offer strong returns on investment

7-hour recovery: How an American business beat ransomware

Chargeback protection market set for explosive growth

Trojan-proxy based on macOS piggybacks on cracked software

AI drives holiday phishing scams, as well as email defenses

US, UK accuse Russia’s Callisto Group of cyber espionage, political interference

Critical Bluetooth flaw could take over Android, Apple, Linux devices

Apple-backed data breach report says 2.6 billion records leaked in 2 years

Sierra router vulnerabilities pose hacking risk for critical infrastructure

Steve Katz dies; cybersecurity innovator known as ‘World’s First CISO’

Unpatched Adobe ColdFusion bug led to double breach of US federal agency

EVENTS

AI & automation: Redefining and revolutionizing cyber

Unveiling the Hidden Threat: Hybrid Attackers Leveraging Identities to Execute Ransomware

CISO Stories: Balancing IAM Cost, Security, and Experience

A CISOs Guide to Effective Security Practices in Cloud Computing Environments

Ransomware attack lessons, from MOVEit and Doubledrive to MGM/Caesars