Information security

Information security

"This year, passwords are a key theme, with a specific three-day schedule devoted to finding solutions to one of computing's oldest security challenges."

HPE Aruba Networking has introduced Central NAC, a cloud-based Network Access Control solution that enhances network security by identifying connected devices and their rights.

The threat actor leveraged combinations of sophisticated and stealthy techniques creating multilayered attack kill chains to facilitate access to restricted and segmented network assets within presumed to be isolated environments.

New hires are 44% more likely to click on malicious links than seasoned colleagues, highlighting a critical need for robust security training during onboarding.

"CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS."

North Korean threat actors successfully delivered a malware loader named XORIndex through 67 malicious packages on the npm repository, accumulating over 17,000 downloads.

According to the study, 73% said they already work with an MSP, rising to 96% when adding those considering collaboration.

The number of CVE reports is projected to exceed 40,000 in 2025, with an average of 131 reports per day observed in early 2025.

"People don't believe it will happen until it happens. The first public attack breaking encryption will trigger urgency," said Julio Padilha, CISO of Volkswagen & Audi, South America.