All posts

Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.

Regulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?

Scammers are tricking people into giving up cryptocurrency through Google Forms surveys. Here is what they are doing and how to avoid falling victim to this scam.

Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.

Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.

A curious case of spear-phishing email techniques employed on a mass scale.

Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.

Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.

How the research tool Defendnot disables Microsoft Defender by registering a fake antivirus, and why you shouldn’t always trust what your operating system says.

This is a story of how a blockchain developer lost US$500 000 to a fake Solidity extension from the Open VSX marketplace.

Scammers have figured out how to send text messages that actually bypass cellular networks. How does illicit “SMS blasting” work, why does it matter for travelers, and how to stay safe.

Google has rolled out an update for Android that gives Gemini access to your Phone, Messages, WhatsApp, and Utilities data without your explicit consent. Here’s a detailed guide on how to disable these permissions.

Adjust your daily routines to leave as little data about yourself online as possible.

How cybercriminals can exploit your online store — and how to stop them.

We’ve made a guide to the best apps for travelers.

Funny hacks that became internet legends: talking traffic lights, a high-school Rickroll, robot vacuums on the rampage, a Lenovo defacement, and a Burger King hijack.

How integrated industrial cybersecurity solutions protect OT networks and reduce the cost of critical incidents.

This guide dives into using passkeys to sign in from someone else’s computer, storing them on a removable device, and transferring between devices.

Drawing from INTERPOL’s just-released Africa Cyberthreat Assessment Report, we identify which threats most often target developing businesses – and how to stop them.

Can you ditch passwords entirely for passkeys? We explore when it’s possible, and when it’s still a challenge.

Researchers have found several vulnerabilities in the Sitecore CMS platform that enable unauthenticated remote code execution (RCE).