Week in review: Log4Shell lingers, NIS2 directive adopted, LastPass breached (again)

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The top 200 most common passwords in 2022 are bad, mkay? According to NordPass’ latest list of top 200 most common passwords in 2022, “password” is the mo…

Week in review: 5 free CISA resources, surviving a DDoS attack, Google to make Cobalt Strike useless

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google seeks to make Cobalt Strike useless to attackers Google Cloud’s intelligence research and applications team has created and released a collection o…

Week in review: 5 Kali Linux tools, Spotify’s Backstage vulnerability, Cybertech NYC 2022

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: As trust in online spaces degrades, Canada bolsters resilience against cyber attacks In this Help Net Security interview, Sami Khoury, Head of the Canadia…

Week in review: Microsoft fixes many zero-days, malicious droppers on Google Play, IRISSCON 2022

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Taking cybersecurity investments to the next level In this Help Net Security interview, the former Trident Capital leader offers insight into innovation i…

Week in review: High-severity OpenSSL vulnerabilities fixed, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: ConnectWise backup solutions open to RCE, patch ASAP! ConnectWise has fixed a critical vulnerability in ConnectWise Recover and R1Soft Server Backup Manag…

Week in review: OpenSSL critical fix, Medibank data breach, Apple fixes zero-day vulnerability

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Incoming OpenSSL critical fix: Organizations, users, get ready! The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSS…

Week in review: CISA releases RedEye, Apache Commons Text flaw, Medibank data breach

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Medibank hack turned into a data breach: The attackers are demanding money Medibank, Australia’s largest private health provider, has confirmed that last …

Week in review: 3FA, Fortinet firewalls under attack, and the riskiest connected devices

Lack of transparency, systemic risks weaken national cybersecurity preparedness Bob Kolasky, SVP for Critical Infrastructure at Exiger, previously served as Assistant Director for Cybersecurity and Infrastructure Security Agency (CISA), and in this Hel…

Week in review: 7 cybersecurity audiobooks to read, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MS Exchange zero-days: The calm before the storm? CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official f…

Week in review: MS Exchange zero-days exploited, AD attack paths, developing secure APIs

SpyCast: Cross-platform mDNS enumeration tool SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in passive mode by only listening to multicast packets. Attackers use novel techniqu…