SMB

Cybercriminals prey on access to mailing tools by sending phishing emails through these same tools.

The KeyTrap DoS attack, which can disable DNS servers with a single malicious packet exploiting a vulnerability in DNSSEC.

Why cybercriminals want to attack PR and marketing staff and, crucially, how to protect your company from financial and reputational harm.

Our colleagues conducted a study in which, among other things, they assessed how education in the field of information security relates to a career in that field.

A fresh study of some unexpected properties of a standard feature of all modern smartphones and tablets.

A vulnerability in the glibc library affects most major Linux distributions.

Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.

Single sign-on is supposed to enhance corporate security, but it’s essential that cloud vendors have the information security team’s back.

What’s the principle of least privilege, why’s it needed, and how does it help secure corporate information assets?

Attackers are hijacking hotel accounts on Booking.com, and stealing their clients’ banking data through its internal messaging system.

Methods used by attackers to redirect victims to malicious and phishing sites from seemingly safe URLs.

Cybercriminals send the Remcos remote-access trojan under the guise of letters from a new client.

Typical security issues of WordPress, and how they can be addressed to protect your website or online store from cybercriminals.

Espionage operations to hack corporate routers are now commonplace — and all organizations need to be aware of this.

How attackers use infected archives and malicious browser extensions to steal Facebook Business accounts.

Four handy ways to lock your screen on Windows and macOS.

Generative AI is now a common tool for many, but should business leaders be concerned?

It’s time to update Confluence Data Center and Confluence Server: they contain a serious vulnerability that allows unauthorized creation of administrator accounts.

Examples of password policies that will have users tearing their hair out — and why you shouldn’t employ them.

We look at a new sophisticated attack on AMD and Intel integrated graphics cards.

How online services should store user passwords, and how to minimize the damage in the event of a leak or hack.