CISOs are juggling security, responsibility, and burnout

This article gathers excerpts from multiple reports, presenting statistics and insights that may be valuable for CISOs, helping them with informed decision-making, risk management, and developing strategies to enhance their organization’s cyberse… Continue reading CISOs are juggling security, responsibility, and burnout

UK domain registry Nominet breached via Ivanti zero-day

The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In the meantime, UK domain registry Nominet became the fi… Continue reading UK domain registry Nominet breached via Ivanti zero-day

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released in 2024. While this security technology trend will co… Continue reading January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

New zero-day exploit targets Ivanti VPN product

Mandiant says it found malware in impacted devices associated with a Chinese-linked threat group.

The post New zero-day exploit targets Ivanti VPN product appeared first on CyberScoop.

Continue reading New zero-day exploit targets Ivanti VPN product

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)

The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s still impossible to say whether they were mount… Continue reading Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-20… Continue reading Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

AI is becoming the weapon of choice for cybercriminals

AI changes how organizations look at cybersecurity GenAI is compromising security while promising efficiency This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges. Overreli… Continue reading AI is becoming the weapon of choice for cybercriminals