Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover
A vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled.
Jen Easterly, CISA Director, to Step Down on Inauguration Day
Other Biden administration appointees at CISA will also submit their resignations on Jan. 20, as the cyberdefense agency prepares for President-elect Trump’s new DHS director.
Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems
SANS recently published its 2024 State of ICS.OT Cybersecurity report, highlighting the skills of cyber professionals working in critical infrastructure, budget estimates, and emerging technologies. The report also looked at the most common types of attack vectors used against ICT/OT networks.
How to Win at Cyber by Influencing People
Zero trust is a mature approach that will improve your organization’s security.
Oh, the Humanity! How to Make Humans Part of Cybersecurity Design
Government and industry want to jump-start the conversation around "human-centric cybersecurity" to boost the usability and effectiveness of security products and services.
OWASP Releases AI Security Guidance
OWASP released guidance materials addressing how to respond to deepfakes, AI security best practices, and how to secure open source and commercial generative AI applications.
Microsoft Expands Access to Windows Recall AI Feature
The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.
8 Tips for Hiring and Training Neurodivergent Talent
Neurodivergent talent can add so much to a cybersecurity team. How can companies ensure they have the right hiring and onboarding practices in place to help these employees succeed?
Israel Defies VC Downturn With More Cybersecurity Investments
With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.
Microsoft Boosts Device Security With Windows Resiliency Initiative
Microsoft is readying a new release of Windows in 2025 that will have significant security controls such as more resilient drivers and "self-defending" operating system kernel.




