With increasingly flexible remote-work options (for keeps or just for the holidays), security’s got to push left to keep pace.

Active Directory can be incredibly versatile, but unfortunately it is often the weak link in the identity security chain due to misconfiguration.

Exploits of the venerable vulnerability gain in complexity.

The commercial attack tool’s use by bad actors has faded after an initial flurry, while Cobalt Strike remains the go-to post-exploitation tool for many.

The European Union Agency for Cybersecurity (ENISA) has published a report on potential cybersecurity threats for 2030, trying to anticipate future security risks based on current trends and expert opinions. While some of the less likely predictions may touch on science fiction, the top two anticipated threats are already with us today: software supply chain compromises and AI-enhanced disinformation campaigns.

Interest in OpenAI’s latest version of its interactive language model has spurred a new wave of scam apps looking to cash in on the hype

A new recently observed ransomware family dubbed Akira uses a retro aesthetic on their victim site very reminiscent of the 1980s green screen consoles and possibly takes its namesake from the popular 1988 anime film of the same name.

Merkel contends that enterprises must up their operational games to succeed because enterprises don’t have months, weeks, or days to patch their high-risk vulnerabilities. “You have minutes,” says Merkel.

Leonard explains how SyxSense helps enterprises unify how they manage endpoint security by consolidating the security management for all endpoints and gathering security data within a single console.

There are so many security tools in place today that there’s a risk that security teams rely too much on their toolsets and not enough on their cybersecurity strategy.