August Patch Tuesday includes blasts from the (recent) past
Microsoft haul this month covers 109 CVEs… more or less
Microsoft haul this month covers 109 CVEs… more or less
Related
Change Healthcare Breach Impact Doubles to 190M People
One of the largest data breaches in history was apparently twice as impactful as previously thought, with PII belonging to hundreds of millions of people sitting in the hands of cybercriminals.
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS). “In alignment with the Department of Homeland Security’s (DHS) commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our national security, I am directing the termination of all current memberships on…
5 Reasons Device Management Isn’t Device Trust
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more complex. For this article, we’ll focus on the device threat…
Nineteen Sophos Women Recognized by CRN’s Women of the Channel
CRN honors Sophos women whose channel expertise and vision are deserving of recognition.
Experts Debate Real ID Security Ahead of May 7 Deadline
Real IDs have been in the works since 2005. Are their security standards still rigorous enough in 2025?
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. “An improper neutralization of special elements used in an SQL command (‘SQL Injection’)…