MonthMay 2021

3 SASE Misconceptions to Consider

SASE is all the rage, promising things IT leaders have long dreamed about, but a purist approach may create consequences.

Chinese APT Groups Continue to Pound Away on Pulse Secure VPNs

Security vendor says it has observed threat groups using a set of 16 tools specifically designed to attack Pulse Secure devices since April 2020.

Chart: Cloud Concerns

As more organizations make their way to the cloud, their eyes are wide open to the associated cybersecurity risks that tag along for the ride.

Modern SOCs a ‘Painful’ Challenge Amid Growing Complexity: Report

A new study examines the tools and technologies driving investment and activities for security operations centers.

SolarWinds Attackers Impersonate USAID in Advanced Email Campaign

Microsoft shares the details of a wide-scale malicious email campaign attributed to Nobelium, the group linked to the SolarWinds supply chain attack.

A Wrench and a Screwdriver: Critical Infrastructure’s Last, Best Lines of Defense?

Critical infrastructure's cybersecurity problems are complex, deep-rooted, and daunting. Addressing them won't be easy...but it isn't impossible.

Siemens Patches Major PLC Flaw that Bypasses Its ‘Sandbox’ Protection

Researchers from Claroty today detailed the memory vuln they discovered in Siemens SIMATIC S7-1200 and S7-1500 PLCs.

Plug-ins for Code Editors Pose Developer-Security Threat

There are two critical vulnerabilities in plug-ins for the popular Visual Studio Code editor, now patched, but security firm Snyk warns that popular plug-ins could put development environments in jeopardy.

Most Mobile Apps Can Be Compromised in 15 Minutes or Less

In the name of releasing apps quickly and delivering a smooth user experience, mobile app security is often given short shrift.

‘Have I Been Pwned’ Code Base Now Open Source

Founder Troy Hunt also announces the platform will receive compromised passwords the FBI finds in its investigations.