The case for cybersecurity: Why successful businesses are built on protection
Company leaders need to recognize the gravity of cyber risk, turn awareness into action, and put security front and center
General
20 articles
Manufacturing under fire: Strengthening cyber-defenses amid surging threats
Manufacturers operate in one of the most unforgiving threat environments and face a unique set of pressures that make attacks particularly damaging
Cybersecurity Awareness Month 2025: Knowledge is power
We're kicking off the month with a focus on the human element: the first line of defense, but also the path of least resistance for many cybercriminals
This month in security with Tony Anscombe – September 2025 edition
The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans
Roblox executors: It’s all fun and games until someone gets hacked
You could be getting more than you bargained for when you download that cheat tool promising quick wins
Accelerating adoption of AI for cybersecurity at DEF CON 33
Posted by Elie Bursztein and Marianna Tishchenko, Google Privacy, Safety and Security Team Empowering cyber defenders with AI is critical to tilting the cybe...
WebSocket Turbo Intruder: Unearthing the WebSocket Goldmine
Many testers and tools give up the moment a protocol upgrade to WebSocket occurs, or only perform shallow analysis.
HybridPetya: The Petya/NotPetya copycat comes with a twist
HybridPetya is the fourth publicly known real or proof-of-concept bootkit with UEFI Secure Boot bypass functionality
[remote] Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell
Ilevia EVE X1/X5 Server 4.7.
[local] Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege
Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege
Are cybercriminals hacking your systems – or just logging in?
As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door locked tight
How Pixel and Android are bringing a new level of trust to your images with C2PA Content Credentials
Posted by Eric Lynch, Senior Product Manager, Android Security, and Sherif Hanna, Group Product Manager, Google C2PA Core At Made by Google 2025, we announce...
Preventing business disruption and building cyber-resilience with MDR
Given the serious financial and reputational risks of incidents that grind business to a halt, organizations need to prioritize a prevention-first cybersecur...
Under lock and key: Safeguarding business data with encryption
As the attack surface expands and the threat landscape grows more complex, it’s time to consider whether your data protection strategy is fit for purpose
Cookie Chaos: How to bypass __Host and __Secure cookie prefixes
Browsers added cookie prefixes to protect your sessions and stop attackers from setting harmful cookies.
This month in security with Tony Anscombe – August 2025 edition
From Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities in Europe, August 2025 saw no shortag...
Don’t let “back to school” become “back to (cyber)bullying”
Cyberbullying is a fact of life in our digital-centric society, but there are ways to push back
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
Executive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, teleco...
"What happens online stays online" and other cyberbullying myths, debunked
Separating truth from fiction is the first step towards making better parenting decisions. Let’s puncture some of the most common misconceptions about online...
Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling
Sometimes people think they've found HTTP request smuggling, when they're actually just observing HTTP keep-alive or pipelining.