Business

1168 articles

HR phishing: self-evaluation questionnaire

Self-evaluation questionnaire phishing scam

Attackers invite employees to complete fake self-evaluations to steal corporate credentials.

Top-7 CISO time killers and how to boost the performance of the whole infosec team

How to lessen the workload on the CISO and their team

What tasks needlessly overload infosec experts, and how to break the curse of overtime.

Are Electron-based desktop applications secure?

Security of Electron-based desktop applications

A few words on why desktop applications based on the Electron framework should be approached with caution.

System time jumps in Windows: possible cause

Wrong system time and insecure Secure Time Seeding 

Why the Windows system time can suddenly change, and how to stop it from happening.

Ways to protect WordPress sites and blogs from hacking

How to stop your site from being a partner in crime

Why criminals want to hack your website, how they might use it in new attacks, and how to stop them.

OSINT: what’s the danger, and how to stay safe

We explain what OSINT is, why it has to be front-of-mind at all times, and how to guard against hackers using it.

What to patch first: prioritizing updates

Some thoughts on what PC software patches should be prioritized and why.

8 anti-leak measures to protect information when an employee leaves

The security aspect of employee offboarding

Offboarded employees often retain access to work information. What are the risks, and how to deal with them?

Zenbleed: hardware vulnerability in AMD CPUs

Zenbleed: new hardware vulnerability in AMD CPUs

Explaining an issue in popular PC and server CPUs in simple terms.

Information security gadgets

Gadgets to help protect employees’ devices against hackers and other threats.

TunnelCrack vulnerabilities in VPN clients

How to fix TunnelCrack VPN leaks

What caused a mass vulnerability in VPN clients, and how to keep them working.

CVE-2017-11882: five years of exploitation

It means that some companies still have not installed MS Office patches that were published 5 years ago.

Social engineering: top-3 hacks of recent years

Three high-profile social engineering hacks

How social engineering helped hack the CIA chief, hijack Elon Musk and Joe Biden’s Twitter accounts, and steal half-a-billion dollars.

Hardware you can’t upgrade, and compensatory measures

How to protect legacy IT systems

Legacy systems continue to toil away in embedded solutions, medical equipment, and precision instruments. How can the respective security risks be mitigated?

Lookalike domains and how to spot them

Fake websites and email addresses are often used in phishing and targeted attacks. How do fake domains get created, and how to spot one?

Key trends in IT and related cyber-risks

IT trends and cybersecurity in 2023

What security aspects should be top-of-mind when implementing important changes in corporate IT infrastructure?

Measures to improve cyber-resilience of an organization

Nevermore: stop your company getting hacked again

After a hack, a company needs to improve security quickly and effectively. We outline the first steps to cyber-resilience.

Protecting for the Linux embedded devices

Should we protect embedded Linux devices?

Can Linux-based embedded systems be considered secure by default or do they require additional protection?

Identity theft — a century ago

How did scammers pull off a MitM attack and 2FA bypass in… 1915?!

RowPress RAM attack

New attack method that bitflips memory cells.

Band-aid on a… corpse: Microsoft patches IE — again

July Microsoft Patch Tuesday: a collection of exploited vulnerabilities.

Privacy & Kids