On February 2, 2024, AnyDesk confirmed a compromise of its production systems in a security advisory, leading the company to revoke all security-related keys, including the cryptographic code-signing certificate used to publish their software. As an additional precaution, AnyDesk also reset user passwords on the AnyDesk web portal. AnyDesk has started using a new code signing certificate as of AnyDesk version 8.0.8.

When it comes to managing hidden risk and shadow IT, our primary challenge as cybersecurity practitioners is securing the organization’s data and applications while empowering users to perform their duties efficiently. After all, one survey found that 67% of employees aren’t completely satisfied with their workplace tools and technologies—often resulting in the adoption of unsanctioned applications.

Git is a distributed version control system that empowers developers with version control features and local repositories. In most production settings, Git is paired with a hosted service for distributed access with minimal repository configuration requirements. However, using a hosted server for source control can introduce new attack vectors in source control management (SCM). This article provides suggestions for security concerns around Git use.

Organizations are increasingly adopting cloud technologies, mainly to secure their sensitive data. But are these cloud infrastructures so secure? We all know that companies worldwide are challenged by the ongoing volume of evolving security threats and by retaining qualified professionals to respond to these threats. On average, large organizations get approximately 17,000 security alerts a week, and it takes 99 days to discover security breaches.

Nowadays, most of the applications are deployed on containers and orchestrated using Kubernetes or similar technology. Due to this, the performance, stability, and scalability are highly increased. But, it also widens up the attack surface if proper security controls, techniques, tools, and practices are not followed/used. So, if your application is running on containers or if you are thinking about deploying containers, then learning about container security best practices is a must.

The General Data Protection Regulation (GDPR) is a European Union law that governs how companies may collect and use the personal data of EU residents. It establishes standards that help ensure that this data is not stored, handled or shared in a way that would expose individuals to risk. The law also specifies how organizations must respond in case of a data breach.

This blog post explores what endpoint devices are and why businesses of all sizes should be prioritizing endpoint security.

On January 16, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) sent out a Cybersecurity Advisory (CSA) about active threat actors deploying the AndroxGh0st malware. This is significant as cyber criminals are actively using this malware to target Laravel (CVE-2018-15133) (an open source PHP framework).env files and obtain credentials for various high profile applications like Office365, SendGrid, and Twilio.

Fireblocks now offers instant fiat-to-crypto transfers across 5 of the most highly-transacted global fiat currencies, thanks to our integration with BCB Group. This advancement leverages the BLINC network, providing Fireblocks customers with the ability to quickly fund their exchange accounts and facilitate 24/7 fiat movement between trading venues and counterparties.

At Cato our number one goal has always been to simplify networking and security, we even wrote it on a cake once so it must be true: Figure 1 – A birthday cake Applying this principle to our XDR offering, we aimed at reducing the complexity of analyzing security and network incidents, using a data-driven approach that is based on the vast amounts of data we see across our global network and collect into our data lake.