One Click Is All It Takes: The Danger of CSRF Attacks

CSRF attack or Cross-site request forgery is a very dangerous and stealthy web security vulnerability that exploits trust from a user's browser for a web application. A successful CSRF attack deceives an authenticated user into performing some operations without his consent-like account modification or payment or financial transaction against his will. Most alarming in such cases is that CSRF attacks usually remain unknown for end-users that make defending against them difficult.

Hybrid SOC: The Key to NIS 2 Compliance and MSP Growth

In recent years, cybersecurity regulations have evolved to address more sophisticated cyber threats. In Europe, the NIS 2 directive is increasing pressure on managed service providers (MSPs) to ensure both technical resilience and regulatory compliance. While 78% of private sector leaders believe cybersecurity regulations effectively mitigate risk, many still need support with compliance.

CVE-2025-32756: Exploitation of Critical Severity Zero-Day Vulnerability in Fortinet FortiVoice

On May 13, 2025, Fortinet published a security advisory on a critical severity stack-based overflow vulnerability, CVE-2025-32756, impacting FortiVoice, FortiCamera, FortiMail, FortiNDR, and FortiRecorder. The vulnerability allows remote unauthenticated threat actors to execute arbitrary code or commands via crafted HTTP requests. In the advisory Fortinet stated that the vulnerability has been exploited in the wild on FortiVoice.

Is Your Code Safe? Hidden Risks & Security Measures | Mend.io #cybersecurity #softwaresecurity

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Actions to Take Following the M&S Cyber Attack

In light of the recent disclosure by Marks & Spencer (M&S) regarding a cyber attack that resulted in the theft of customer data, we strongly recommend that if you are affected you take immediate and proactive steps to protect your digital identity and reduce the risk of further compromise.

Cyber Deception as a Strategic Pillar in Active Defense

The cat-and-mouse game of cybersecurity never stops, and cyber deception in active defense gives defenders a powerful edge. Sun Tzu’s ancient wisdom “All warfare is based on deception” fits modern cyber defense strategies perfectly. Outsmarting adversaries has become just as crucial as blocking them.

Top 5 Proactive Threat Intelligence Use Cases for Enhanced Cyber Defense

In this fast-moving world where businesses operate completely through IT infrastructure, waiting for a threat to happen and finding a solution isn’t enough. There should be a proactive approach, where you spot and remove a threat even before it touches your systems.

A practitioner's guide to classifying every asset in your attack surface

“You can’t secure what you don’t know exists.” It’s a common refrain in cybersecurity (and for good reason!). But the reality is a bit more complex: it’s not enough to just know that something exists. To effectively secure your assets, you need to understand what each of them is. Without proper classification, applying the right security processes or tools becomes a guessing game.

How to safely change your name without putting your identity at risk

Changing your name? Learn how to do it safely without risking your identity. Discover essential steps to protect personal data and avoid fraud during a name change—plus how Avast Secure Identity can help. Changing your name—whether due to marriage, divorce, or personal choice—is a significant life event. However, this process involves sharing sensitive personal information across various platforms, making it a potential target for identity theft.