Week in review: Kali Linux 2021.2, the human cost of understaffed SOCs, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and interviews: Kali Linux 2021.2 released: Kaboxer, Kali-Tweaks, new tools, and more! Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it. June 2021 Patch Tuesday forecast: […]

Continue Reading

Week in review: VMware critical updates, prevalent enterprise cybersecurity risks, 3 years of GDPR

Here’s an overview of some of last week’s most interesting news and articles: Belgium’s Interior Ministry uncovers 2-year-long compromise of its network Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.” New TSA security directive is a needed shock to the system The Department of Homeland […]

Continue Reading

Week in review: Dealing with ransomware attacks, detecting use of stolen API credentials inside AWS

Here’s an overview of some of last week’s most interesting news, articles and podcasts: Vulnerability in popular browsers could be used to track, profile users online A vulnerability affecting desktop versions of four popular web browsers could be exploited by advertisers, malicious actors, and other third parties to track and profile users online even if […]

Continue Reading

Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?

Here’s an overview of some of last week’s most interesting news, articles and interviews: 21 vulnerabilities found in Exim, update your instances ASAP! A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated remote code execution on the […]

Continue Reading

Week in review: Pulse Secure zero-day actively exploited, how to select an IAM solution

Here’s an overview of some of last week’s most interesting news, articles and interviews: Infosecurity transformation and building proactive mitigation strategies In this interview with Help Net Security, Marcos Christodonte II discusses his path in the industry as well as lessons learned along the way. He talks about the skills gap, the cybercrime economy and […]

Continue Reading

Week in review: New DNS vulnerabilities, benefits of cyber threat intelligence, FBI removes web shells

Here’s an overview of some of last week’s most interesting news, articles and podcast: New DNS vulnerabilities have the potential to impact millions of devices Forescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK. FBI removes web shells from hacked Microsoft Exchange servers Authorities have executed a court-authorized […]

Continue Reading

Week in review: SAP apps under attack, Zero Trust creator talks, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and reviews: SAP applications are getting compromised by skilled attackers Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after […]

Continue Reading