A vulnerability in the HNAP login request protocol that affects a family of devices gives unauthenticated users root access for command execution.

CISOs are now considered part of the organizational executive leadership and have both the responsibility and the opportunity to drive not just security but business success.

SANS Institute experts weigh in on the top threat vectors faced by enterprises and the public at large.

The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.

CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.

While the protocol has made passwordless authentication a reality, token-binding is key to prevent against token theft and reuse, security vendor says.