The telecommunications sector provides critical infrastructure for many countries, enabling the exchange of information across various industries. Due to the widespread use of digital information in telecommunications, the sector has become a prime target for cyber threats from hackers, state actors, and cyber criminals. In 2023, telecommunications experienced higher credential stuffing rates than other sections, according to F5.

Earlier this week, we debuted our mini-series on the SEC’s new cybersecurity rules. In case you missed it — and, understandably, don’t have the bandwidth to backtrack — Part I explored how the (seemingly perpetual) explosion in data creation, data value, and IT complexity since the dawn of the digital age has come to shape our society. In particular, we note why these trends are responsible for our current IT predicament, namely, the rise in threats, risks, and regulations.

In an era where cyber threats are becoming increasingly sophisticated and pervasive, securing endpoints is paramount. Microsoft Defender for Endpoint emerges as a key player in the cybersecurity arena, offering comprehensive protection against a wide array of threats. This blog post delves into how Defender for Endpoint is revolutionizing endpoint security through the use of advanced threat protection technologies.

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting Ukrainian state organizations attributed to the Kremlin-backed nation-state group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP,” detailed in this whitepaper.

In the rapidly evolving landscape of cybersecurity, staying ahead of threats requires not just vigilance but advanced technology. Sentinel, Microsoft’s cloud-native Security Information and Event Management (SIEM) solution, represents a leap forward in the way organizations detect, investigate, and respond to cyber threats.

In the digital age, where data is the new gold, ensuring the security and efficiency of network communication is paramount for businesses of all sizes. The Server Message Block (SMB) protocol plays a crucial role in facilitating file sharing, network browsing, and printer access among devices on a network. Understanding SMB port numbers is essential for IT professionals looking to optimize and secure their networks.

Self-attestations are an increasingly popular tool for cybersecurity compliance frameworks such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Cybersecurity and Infrastructure Security Agency (CISA) directives. The idea is that organizations attest to meeting specific security controls and requirements without third-party validation.

Anastasios Stasinopoulos from OBRELA LABS Team discovered a security flaw that affects Apache Superset (before 3.0.4, from 3.1.0 before 3.1.1), an open-source modern data exploration and visualization platform. Apache Superset error handling can be manipulated in order to allow data retrieval from the backend database.

Despite best efforts to accommodate third-party risk management (TPRM) processes that correspond with increased use of third-party vendors, incident outcomes seem to grow as well. The 2023 global average cost of a data breach was USD $4.45M, a 2.3% year over year increase. In the United States, the average cost of a breach is higher at USD $9.48M.

In today’s complex cybersecurity environment, the need for robust governance, risk management, and compliance (GRC) strategies has never been higher. With evolving regulations, heightened security threats, and complex compliance requirements, organizations are turning to GRC software so that they can meet their objectives efficiently and effectively. That said, your choices for GRC software are many.