A new malware campaign by Russia affiliated threat actor Fancy Bear, targeting defense and government sectors of EU and SEE nations.

When new vulnerabilities are published, admins need to prioritize. A single CVSS score is not enough and often misleading.

Credential theft is becoming the default for gaining initial access to attacked systems. That is actually good news.

U.S. FBI and CISA agencies released an advisory on the cyberattack against Albania this summer. The technical details are revealing.

Both Google's Project Zero and The Zero Day Initiative (ZDI) report rising numbers of discovered zero days. That's probably a good thing.

Last week's Uber hack shows how vulnerable IT systems are, once a user account is compromised.

The EU is introducing the Cyber Resilience Act, a new cybersecurity regulation. Is it already outdated and lagging behind the attackers?

A survey documents the dramatic rise of Zero Trust (ZTNA) architecture's popularity since the pandemics. But what exactly does ZTNA entail?

Microsoft addresses 63 CVEs in its September 2022 Patch Tuesday release. Two deserve special attention.