July 2024

CultureAI raises $10 million in Series A funding to evolve the way organisations manage human risk

Jul 17, 2024 By CultureAI In CultureAI

CultureAI has raised $10 million in capital. Mercia Ventures and Smedvig Ventures led the funding round. This funding will power CultureAI's product development and market expansion plans.

Read Post

CultureAI

Read more about CultureAI raises $10 million in Series A funding to evolve the way organisations manage human risk

Navigating Digital Nightmares: A Survivor's Battle Against Online Harassment

Jul 17, 2024 By The Cyber Helpline In The Cyber Helpline

Technology can serve as a double-edged sword for women grappling with domestic abuse: while it has the potential to save lives, it also has the capacity to lay bare one's most intimate vulnerabilities. One such harrowing story comes from a survivor (which we will call Bridget to protect her anonymity), who faced a nightmare of cyberstalking, intimate image abuse (colloquially known as revenge porn), and relentless online harassment that lasted for years.

Read Post

The Cyber Helpline

Read more about Navigating Digital Nightmares: A Survivor's Battle Against Online Harassment

One platform, complete protection: why data security is moving on from point solutions

Jul 17, 2024 By Cameron Galbraith In Cyberhaven

As the world enters the AI Era, CISOs and CIOs are looking at data security with renewed interest and urgency. Instead of multiple overlapping yet disconnected tools, it’s time for one unified platform to trace and secure data wherever it goes.

Read Post

Cyberhaven

Read more about One platform, complete protection: why data security is moving on from point solutions

What our customers really think about Cato

Jul 17, 2024 By Cato Networks In Cato Networks

Watch Nelson Saenz, VP of Technology at Guayaki Yerba Mate, share why Cato is their chosen single-vendor, cloud-native SASE platform.

View Video

Cato Networks

Security

Read more about What our customers really think about Cato

The CIA Triad: Confidentiality, Integrity, and Availability

Jul 17, 2024 By Steven In IDStrong

The confidentiality, integrity, and availability (CIA) triad is a critical concept in cybersecurity, including three fundamental principles that help protect information. Organizations seeking a starting point for developing an information security framework would benefit from the triad model.

Read Post

IDStrong

Read more about The CIA Triad: Confidentiality, Integrity, and Availability

What is Hashing and How Does It Work in Cyber Security?

Jul 17, 2024 By Steven In IDStrong

Hashing transforms a key or set of characters into a unique value from the original input, all for cybersecurity data validation and integrity checking. Hashing is a one-way process based on creating a value to associate with a specific data set. Security solutions providers like IDStrong use the highest level of hashing and encryption to protect their users' information. Organizations like IDStrong understand how critical safeguarding their consumer’s credentials is.

Read Post

IDStrong

Read more about What is Hashing and How Does It Work in Cyber Security?

Proactive Cyber Defense: The Essential Role of Internal Penetration Testing in the Age of AI

Jul 17, 2024 By Bindu Sundaresan In LevelBlue

In the world of cybersecurity, AI-powered threats are creating new challenges for organizations.

Read Post

LevelBlue

Read more about Proactive Cyber Defense: The Essential Role of Internal Penetration Testing in the Age of AI

Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

Jul 17, 2024 By KnowBe4 In KnowBe4

As cyber threats evolve, the target has become crystal clear: your data. A staggering 90% of ransomware attacks now include a data exfiltration component. With this in mind, KnowBe4 has introduced a robust free tool, BreachSim, to identify your network's vulnerabilities and shore up your cyber defenses. Financial losses, reputation damage, intellectual property theft, regulatory repercussions and operational disruptions are just a few of the harsh consequences of data exfiltration assaults. KnowBe4 BreachSim can help you nip these risks in the bud.

View Video

KnowBe4

Read more about Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

Everything to prepare for the 90-day SSL/TLS certificate validity proposal

Jul 17, 2024 By ManageEngine In ManageEngine

In a recent proposal, Google has expressed its intention to reduce the validity of SSL/TLS certificates to 90 days, a reduction from the current validity of 398 days. The move is focused on ensuring faster security updates, improving adoption of newer cryptographic standards, and eliminating the reliance on imperfect revocation systems. While this move promises several security benefits, without a proper certificate life cycle management (CLM) solution in place, enterprises will face operational nightmares when the proposal becomes a mandate. Is your business ready for this change?

View Video

ManageEngine

Security

Read more about Everything to prepare for the 90-day SSL/TLS certificate validity proposal

The Risks of Crowdsourced Pen Testing: A Critical View

Jul 17, 2024 By Razorthorn In Razorthorn

Jane Frankland critiques the lack of credential validation in crowdsourced pen testing companies. Understand the potential risks of unreported vulnerabilities being sold on the dark web and why proper vetting is essential.

View Video

Razorthorn

Read more about The Risks of Crowdsourced Pen Testing: A Critical View

Detect SSRF attacks in cloud applications and APIs

Jul 17, 2024 By Mallory Mooney In Datadog

APIs can be vulnerable to a wide variety of attacks, such as poor inventory management and access controls, making them a primary target for attackers. Server-side request forgery (SSRF) is one type of attack that has become more prominent with the rising use of public clouds. This is primarily due to new development practices like using Instance Metadata Services (IMDS) to access valuable information about deployed instances, such as credentials.

Read Post