High stakes, long hours, and a rapidly evolving threat landscape present unique barriers to happiness for security and IT teams. It’s not surprising that 63% of security practitioners report some level of burnout, and 58% of IT professionals feel overwhelmed by the amount of tasks they have to do in a day. Organizations simply can’t afford to ignore these statistics.

When you consider national and global cybersecurity, a handful of names stand out. Two of the largest are NIST and ISO/IEC. Both of these organizations have issued plenty of rulings and frameworks for securing digital systems, and in a sense, they can be viewed as competitors. So, what’s the difference, where is the overlap, and which option is right for your business?

Educators create many passwords for accounts in both their personal and professional lives. Password management is crucial for educators, not only to keep track of their professional passwords but also to separate those from their personal passwords. Teachers need a reliable place to store passwords for many online accounts, applications and programs, no matter which grades or subjects they teach. Read more to learn why password management is essential for teachers.

In the dynamic world of cyber threats, the X-FILES stealer has emerged as a particularly dangerous and sophisticated piece of malware. First discovered in March 2021, this malware gained significant attention after a second variant surfaced later that year. Known for its efficiency in targeting vulnerable systems globally, X-FILES has become a top priority for cybersecurity professionals.

On August 13, 2024, SolarWinds released a hotfix for CVE-2024-28986, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an IT service management software widely used across various industries for tracking and managing support tickets. This vulnerability arises from a Java deserialization flaw, which could enable a remote attacker to execute arbitrary code on vulnerable hosts.

Being a bad guy on the Internet is a really good business. In more than 90% of cybersecurity incidents, phishing is the root cause of the attack, and during this third week of August phishing attacks were reported against the U.S. elections, in the geopolitical conflict between the U.S., Israel, and Iran, and to cause $60M in corporate losses.

A review of AI-generated malware, and how a SOC might deal with the ever-increasing threat… Theofanis Dimakis, SOC Officer, and Nikolaos Tsompanidis, Threat Detection & Response Expert at Obrela, speaking during the recent CRESTCon Europe event, shared insights from their perspective into detecting malware, including the rising tide of AI variants.

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’ll discuss quick and easy steps to keep your digital payments secure. Honestly, we think the world’s transition to digital payments was unsettlingly quick. Consumers were thrust into the world of digital payments without sufficient awareness of best practices or knowledge of what is trustworthy when it comes to online transactions.

Imagine for a moment that your home has a rodent problem. To address this, you install a fancy system designed to automatically detect and trap animals before they can roam around your house and cause any damage. The system seems to work well; from time to time, you arrive home to find a mouse or a squirrel caught by the device. No big deal, right? Lots of small critters about and the system is working as designed to catch them.

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.