Organizations Are Knowingly Releasing Vulnerable Applications
92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house. Read More

Vmware Pushes Admins To Uninstall Vulnerable, Deprecated Vsphere Plugin 
The vulnerabilities haven’t been and won’t be fixed. Instead, VMware is urging admins to remove the EAP plugin. Read More

As the digital landscape evolves, so do the threats facing all organizations, especially as they move their operations to the cloud. Projections indicate that by 2025, a staggering 85% of organizations will rely on cloud-native platforms.

With this shift comes increased interest from malicious actors looking to exploit vulnerabilities and gain access to sensitive data of all types. In light of this, advanced penetration testing techniques are necessary to counter the ever-changing cloud security threat landscape.

In this article, we will explore seven key strategies through which penetration testing can fortify your cloud infrastructure, ensuring its resilience against potential threats including data exfiltration.

Critical Shim Bug Impacts Every Linux Boot Loader Signed In The Past Decade 
There are currently 5 vulnerabilities in Shim that could allow a network attacker to bypass secure boot and take over a vulnerable Linux system. Read More

With the digital landscape constantly changing, it's crucial to stay ahead of cybersecurity threats, and advanced penetration testing is a key strategy for strengthening your organization’s defenses.

As businesses grapple with increasingly sophisticated cyber threats, the field of penetration testing continues to evolve, giving rise to new and innovative methodologies.

Biggest Data Leak in History Exposes 26B Records
Most of the exposed data, found on an open instance likely owned by a threat actor or data broker, was from the Chinese instant messaging app Tencent QQ. At the same time, Weibo, MySpace, Twitter, and Wattpad also had hundreds of millions of leaked credentials and other information. Read More

Massive Comcast Xfinity Data Breach Impacts 36 Million Customers
Comcast disclosed that hackers exploited a Citrix vulnerability between October 16 and October 19, 2023. Read More

Attack surface discovery is a crucial component of any organization’s cyber security strategy, allowing teams to identify potential entry points – also known as attack vectors – that could present a cyber threat. Without proper attack surface management, organizations risk exposure to breaches in systems, devices, and the overall network.

Happy New Year and Thank You to Our 7,000+ Readers!

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 
China-linked hackers continue to target Barracuda Email Security Gateway (ESG) appliances, with recent attacks involving the exploitation of a new zero-day vulnerability. Read More

FBI Explains How Companies Can Delay Sec Cyber Incident Disclosures
The FBI worked with the Department of Justice to create a guidance document for victims about how companies can “request disclosure delays for national security or public safety reasons.” Read More