Cybersecurity News, Awards, Webinars, eSummits, Research

Programming language, PowerShell inscription on the background of computer code. (Adobe Stock Images)

Flaws in Microsoft’s PowerShell Gallery may cause supply chain attacks

Steve ZurierAugust 16, 2023

Aqua Nautilus researchers warn that the installation of a malicious PowerShell module could take down an organization.

WHITEPAPER

Vulnerability management: A maelstrom of moving targets

PODCASTS

RESOURCES

FEATURED

Women in Cybersecurity: The perfect threat modelers

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Malware

Over 100K hackers fall victim to infostealer malware

Simon HenderyAugust 16, 2023

Hudson Rock researchers discover logs from 120,000 malware-infected computers containing credentials used to access cybercrime forums.

Data Security

Web app warning: 74% of apps with PII are vulnerable to a ‘major exploit’, report

Steve ZurierAugust 16, 2023

Report highlights how PII is vulnerable in web apps accessible to the public internet.

Cloud technology concept: Golden cloud with padlock on digital background.

Cloud Security

Researchers find sensitive personal data in over 30% of cloud assets

Stephen WeigandAugust 16, 2023

Dig Security researchers found personally identifiable information in a sample of over 1 billion records analyzed for their study.

Phishing

Phishers placing malicious content on captured websites

Steve ZurierAugust 15, 2023

Kaspersky researchers say phishers target unpopular sites with less traffic that they can capture and set up shop to run malicious activities.

Application security

Crypto crooks target beta-testing wannabees, FBI warns

Simon HenderyAugust 15, 2023

Scammers are bypassing app store security checks and duping victims into downloading malicious apps masquerading as crypto investment platforms.

Two men speak on a stage behind a podium reading 'Black Hat.'

Endpoint/Device Security

‘Defender Pretender’ turns Windows’ malware protections against itself

Paul WagenseilAugust 15, 2023

Two Israeli researchers showed the Black Hat security conference how Windows Defender could be subverted to allow malware infection or even remove critical system files.

Identity

BSides Las Vegas roundup: Passwordless misconfigurations and hidden app vulnerabilities

Paul WagenseilAugust 15, 2023

Poor practices and quick shortcuts are at the root of passwordless vulnerabilities and undetectable software flaws, two researchers said at the BSides Las Vegas security conference.

A man in a red shirt speaks on a stage next to a podium marked with the words 'Black Hat.'

Ransomware

‘DoubleDrive’ attack turns Microsoft OneDrive into ransomware

Paul WagenseilAugust 14, 2023

Microsoft's cloud-syncing feature can be used as ransomware, an Israeli researcher demonstrated at the Black Hat security conference.

Flaws in Microsoft’s PowerShell Gallery may cause supply chain attacks

WHITEPAPER

Vulnerability management: A maelstrom of moving targets

PODCASTS

RESOURCES

FEATURED

Women in Cybersecurity: The perfect threat modelers

Get daily email updates

Perspectives

Three questions to ask about synthetic identities

Four benefits of running continuous DAST in production environments

Here’s how to contain supply chain attacks

Why detection and response technology won’t solve all ransomware attacks

Observations from Black Hat 2023: As AI advances, we can’t leave security behind

In Brief

Microsoft email hack reportedly impacts US lawmaker

UMass Chan hit by MOVEit hack

Massive LinkedIn hack reported

Cyberattack disclosed by Maryland school district

Attacks exploiting Citrix flaw compromise thousands of NetScaler instances

More Resources

Key questions to ask when evaluating a network-security vendor

10 steps to choose and deploy a network-security solution

How to optimize endpoint security

Key findings: The State of Ransomware 2023 report

Must-have browser security features

Over 100K hackers fall victim to infostealer malware

Web app warning: 74% of apps with PII are vulnerable to a ‘major exploit’, report

Researchers find sensitive personal data in over 30% of cloud assets

Phishers placing malicious content on captured websites

Crypto crooks target beta-testing wannabees, FBI warns

‘Defender Pretender’ turns Windows’ malware protections against itself

BSides Las Vegas roundup: Passwordless misconfigurations and hidden app vulnerabilities

‘DoubleDrive’ attack turns Microsoft OneDrive into ransomware

EVENTS

Threat intelligence: Be informed & banish ignorance

Cyber risk is business risk: Walking the intersecting lines

Seeking safer shortcuts for devs: Snyk’s 2023 State of Open Source Security Report

The endpoint end game: Locking down your entry points

Secure and efficient app development? How Snyk makes both possible