Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2024

81% of Organizations Cite Phishing as the Top Security Risk

Organizations are finally dialing in on where they need to focus their cybersecurity strategies, starting with phishing. But the top four cited security risks all have one element in common. Organizations today realize that maintaining operational resilience is a matter of measuring and addressing risk. According to the 2024 Fortra State of Cybersecurity Survey Results Guide, there is a distinct cybersecurity risk that stands out among its peers.

Best Practices to Address SharePoint Security Concerns

Modern enterprises are increasingly relying on cloud collaboration to enhance their business productivity, efficiency, and communication. While these cloud-based solutions offer numerous benefits, they also come with a range of potential security risks. Among these risks, enterprise SharePoint security concerns are some of the most significant. It is essential to adopt best practices that can mitigate these risks and safeguard your organization’s valuable data and assets.

Legislative Challenges: Navigating Knee-Jerk Reactions in Cybersecurity || Razorthorn Security

Explore the pitfalls of knee-jerk legislative reactions in the ever-evolving landscape of cybersecurity in our latest video. Delve into the challenges faced by organizations as they grapple with sudden directives that often emerge as a response to unforeseen events. The knee-jerk nature of some legislation raises crucial questions about the consultation process, leaving cybersecurity professionals wondering if insights from the infosec world were considered.

Why Indian companies need to adhere to the DPDP Act

The Indian government implemented the Data Protection and Privacy (DPDP) Act, a groundbreaking measure designed to regulate data protection within the country, in August 2023. In today’s rapidly evolving digital era, it has become increasingly important to have robust legislation in place to safeguard people’s data. With so much information being shared online, this act protects our data from misuse and unauthorized access.

Untangling Scattered Spider's Web: Hunting for RMM Tools | Threat SnapShot

Remote Monitoring and Management (RMM) tools, traditionally utilized by IT departments to oversee and manage network infrastructure, software, and systems remotely, have increasingly become a double-edged sword in cybersecurity. The recent breach of AnyDesk, a popular RMM software, underscores the criticality of securing these tools against exploitation. Adversaries like Scattered Spider exploit these legitimate tools for malicious purposes, leveraging them to gain unauthorized access, maintain persistence, and conduct lateral movement within targeted networks.

Are Your Vulnerable Systems Pets or Cattle?

Vulnerability remediation is no small feat – especially if your security and remediation teams are understaffed and overwhelmed. Because vulnerabilities extend across the code, cloud, and infrastructure in your attack surface, and can vary drastically in their criticality, location, type, or affected systems, one-size-fits-all approaches are rarely the answer.

CVSS 4.0 is Here: How to Make the Most of It

The CVSS (Common Vulnerability Scoring System) is a widely used standard that produces a score between 0 and 10 to indicate the level of severity of a vulnerability. The most popular spot to find CVSS scores is on the National Vulnerability Database (NVD) website, where you’ll see CVSS scores for all CVE (Common Vulnerabilities and Exposures) IDs.

How to Secure IT Assets: A Step-by-Step Guide

In the age of attack surface expansion, securing IT assets is no longer optional—it’s a necessity. IT and cybersecurity leaders must protect their organisation’s digital assets from increasing cyber threats. Cybersecurity Ventures predicts that cybercrime will cost the world $10.5 trillion annually by 2025, according to their report. This underscores the importance of having a robust security strategy in place.

Securing Database Access: DPA Zero Standing Privilege Approach with Native pgAdmin Utility

In this video, we'll guide you through the process of utilising CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the pgAdmin client, leveraging the secure foundation of the JIT access approach for enhanced security and efficiency.

The Evolution of Supplier Risk Management

Recent supply chain attacks, from SolarWinds to 3CX and MOVEit, illustrate the impact that can occur when a single widely used software platform is compromised, thereby enabling attackers to use this initial access as an entry point into any number of subsequent networks. Often the intention is to propagate malware or leverage sensitive data to extort victim organisations.