Another critical vulnerability in Apache Foundation software (CVE-2022-42889) reminds users of last year's Log4Shell catastrophic blunder.

A detailed look into the relatively new "Ransom Cartel" ransomware reveals the range of techniques used by threat actors today.

Attacker techniques are leveraging Microsoft Active Directory as the enabler for ransomware spread.

Microsoft Patch Tuesday release for October 2022 documents 85 fixed vulnerabilities. Exchange users left waiting for zero-day patch.

Beyond phishing, how are hackers infiltrating networks? CISA offers some clues.

Mandatory password resets are still being observed in many organizations, even though the practice can now decrease security posture.

The explosion of security related events is saturating the ability to analyze and respond. It is time to outsource.

The emergence of a Microsoft Exchange flaw as well as Vmware malware shows how difficult it is becoming to run on-prem infrastructure.

Once an attacker has gained initial access to a network (usually via phishing), it becomes crucial to have operational visibility.