Security News

Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management...

Qualys CyberSecurity Asset Management 3.0 consolidates asset discovery and risk assessment into a single solution. A key differentiator of Qualys CyberSecurity Asset Management 3.0 is in the way its External Attack Surface Management technology works.

The Tor Project has released Tor Browser 13.5, bringing several improvements and enhancements for Android and desktop versions. The Tor Browser is a specialized open-source web browser designed for anonymous browsing by routing the user's traffic through thousands of volunteer-run servers called nodes/relays, which constitute the Tor network.

As we integrate AI more deeply into vulnerability management processes, organizations can expect enhanced security postures and a shift towards a more proactive and predictive approach to handling cybersecurity threats. AI has some major limitations and even security concerns, especially regarding vulnerability management.

Your business, attack surface, and threat landscape are not static-they are constantly changing. New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released, and threat actors update their techniques continuously.

A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. ...

More remote work and a focus on resource planning are two trends driving changes in project management software in APAC and around the globe. Celoxis’ Ratnakar Gore explains how PM vendors are...

What are some patch management best practices and techniques? Following patch management "Golden rules" such as patching on test machines and organizing rollout beforehand.

As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for Health has announced the Universal PatchinG and Remediation for Autonomous DEfense program aimed at developing a vulnerability management platform for healthcare IT teams. CVE-2023-43208, an easily exploitable unauthenticated remote code execution vulnerability affecting NextGen HealthCare's Mirth Connect data integration platform, has been patched by the company and publicly disclosed by Horizon3.

Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large...