SMB

What’s the principle of least privilege, why’s it needed, and how does it help secure corporate information assets?

Attackers are hijacking hotel accounts on Booking.com, and stealing their clients’ banking data through its internal messaging system.

Methods used by attackers to redirect victims to malicious and phishing sites from seemingly safe URLs.

Cybercriminals send the Remcos remote-access trojan under the guise of letters from a new client.

Typical security issues of WordPress, and how they can be addressed to protect your website or online store from cybercriminals.

Espionage operations to hack corporate routers are now commonplace — and all organizations need to be aware of this.

How attackers use infected archives and malicious browser extensions to steal Facebook Business accounts.

Four handy ways to lock your screen on Windows and macOS.

It’s time to update Confluence Data Center and Confluence Server: they contain a serious vulnerability that allows unauthorized creation of administrator accounts.

Examples of password policies that will have users tearing their hair out — and why you shouldn’t employ them.

We look at a new sophisticated attack on AMD and Intel integrated graphics cards.

How online services should store user passwords, and how to minimize the damage in the event of a leak or hack.

A few words on why desktop applications based on the Electron framework should be approached with caution.

Why the Windows system time can suddenly change, and how to stop it from happening.

Why criminals want to hack your website, how they might use it in new attacks, and how to stop them.

Some thoughts on what PC software patches should be prioritized and why.

Gadgets to help protect employees’ devices against hackers and other threats.

What caused a mass vulnerability in VPN clients, and how to keep them working.

It means that some companies still have not installed MS Office patches that were published 5 years ago.

Fake websites and email addresses are often used in phishing and targeted attacks. How do fake domains get created, and how to spot one?

How did scammers pull off a MitM attack and 2FA bypass in… 1915?!