In the past, the attack surface was defined and protected by the boundaries of the organization’s physical network (aka the LAN). Using physical security methods, firewalls, and careful monitoring, organizations kept their data, endpoints, and networks secure. The entire attack surface was internal, within a well-defined and fortified perimeter.

In business and life, getting the timing and the team right is half the battle.

Anyone who’s ever been in a relationship knows that the beginnings and ends are the toughest parts. This is when the baggage is dusted off, brought to light and (all too frequently) used detrimentally. Mergers and acquisitions — and their mirror image, divestments — are the organizational equivalents of marriage and divorce. During the process, past indiscretions are discovered, leveraged in negotiations and ideally rectified or laid to rest.

On Thursday, December 9, a zero-day vulnerability CVE-2021-44228 (a.k.a. Log4Shell, LogJam, and Log4j) was made public. This vulnerability impacts Apache Log4j versions 2.0-beta9 to 2.14.1, and it has the highest possible CVSS score of 10.0. As of today, it is widely regarded as one of the most dangerous and widespread vulnerabilities to date.

Cyber Monday and the holiday shopping season are around the corner: don’t be the victim of an online shopping scam or cyber security breach. Cyber Monday is here, and the holiday shopping season is in full swing. With some of the world’s biggest brands vulnerable to a Magecart attack, you can’t be too careful with your credit card information.