A long overdue change in Microsoft Windows: account lockout policy turned on by default.

Back in 2021, a catastrophic flaw in the Log4J library forced many to patch their critical systems. Now, the US government is weighing in.

Innovations in phishing kits now enable bypass of MFA authentication, as shown in Microsoft's assessment of a successful campaign.

Ransomware providers and legitimate companies cover different market niches. In the case of the Maui ransomware, it's about healthcare.

As cyberattacks increase, organizations are under pressure to implement effective endpoint management solutions and tackle agent sprawl.

By misusing the PayPal logo and design, the phishing kit steals user credentials and more.

More frequent and sophisticated attacks challenge organizations to manage IT security while containing costs and using overburdened staff.

Firmware vulnerabilities are usually ignored by patching policies in organizations, potentially allow unrestricted access to endpoints.

Attackers start using Brute Ratel C4 to avoid detection, as alternative to Cobalt Strike