Growing Enterprise Data is Creating Big Cybersecurity Risk
Buzz about big data permeated tech conversations in the mid-1990s, but people today don’t talk as much about big data anymore. It’s not that data…
Month: January 2025
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Jan 17, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to…
Why CIO tenures are getting shorter …. and why it matters
It is widely acknowledged that CIOs (and other tech leaders such as CTOs) on average spend a relatively short time in their roles compared to…
It’s Easier Than Ever To Hack. Newbies Gone Phishing.
Cyberattacks have become increasingly sophisticated, with more advanced technologies than ever at the disposal of cybercriminals. In 2025, cybercrime damages are expected to reach $10.5…
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Jan 17, 2025Ravie LakshmananWeb Security / Botnet Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms…
Cyber innovation to address rising regulatory, threat burden
The digital landscape is evolving rapidly, presenting security leaders with unprecedented challenges. As threats increase in volume and complexity, exacerbated by geopolitical tensions and cyber…
Yubico PAM Module Vulnerability Let Attackers Bypass Authentications In Certain Configurations
A leading provider of hardware authentication security keys, Yubico has recently disclosed a significant vulnerability in its PAM (Pluggable Authentication Module) software package. The flaw…
AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV
Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions of its native clients for Amazon WorkSpaces, Amazon AppStream 2.0,…
Lords debate government approach to automated decision-making
The UK government has expressed “reservations” about legislative proposals from Lord Tim Clement-Jones to improve the scrutiny of algorithmic decision-making tools in the public sector,…
Exploring the Vishing Threat Landscape
Voice phishing, also known as vishing, represents a growing threat to organizations worldwide. Keepnet’s 2024 Vishing Response Report illuminates the alarming statistic that 70% of…
New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
Jan 17, 2025Ravie LakshmananCybersecurity / Threat Intelligence Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that’s capable of Microsoft 365 accounts with an…
Enterprises need to make better choices to reduce GenAI emissions
The mounting environmental impacts of generative artificial intelligence (GenAI) systems can be significantly reduced if businesses “choose the right model” for their use cases and…