One of the most common industries to face high-profile cybersecurity incidents is healthcare. The healthcare industry is a prime target for cybercriminals due to the vast amount of healthcare data, critical services provided, and the large scale of hospitals, private practices, and clinics. The healthcare sector can significantly enhance its cyber resilience and avoid potentially damaging cybersecurity incidents by implementing a reliable cybersecurity software solution.

On November 21st, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) released an advisory highlighting the ongoing exploit of the Citrix Bleed Vulnerability (CVE-2023-4966) by Lockbit 3.0 affiliates.

In an era where digital threats are evolving rapidly, the need for skilled security professionals is at an all-time high. Companies are grappling with a unique dilemma: the acute shortage of top-tier talent in the cybersecurity realm. But hiring an entire team poses its own set of risks. From the complexities of team dynamics to the cost of hiring, the constant upskilling and the ongoing retention efforts, these risks and costs stack up quickly.

As financial institutions navigate the ever-evolving challenges of cybersecurity, understanding and implementing the Federal Financial Institutions Examination Council (FFIEC) compliance becomes paramount. Here, we aim to be your guide, providing valuable information and practical hardening tips to help financial institutions not only meet but exceed FFIEC compliance standards. This blog will discuss.

Author: Owen Denby, General Counsel, SecurityScorecard On October 30, 2023, the SEC charged both SolarWinds and their CISO Tim Brown with defrauding investors, by failing to make disclosures about cybersecurity issues and vulnerabilities related to the massive nearly two-year long “SUNBURST” hack of the company.

As web applications continue to grow in complexity and sophistication, ensuring their security has become an increasingly daunting challenge. From emerging threats like API vulnerabilities and serverless architectures to well-known risks like cross-site scripting and SQL injection, organizations—regardless of size or industry—must be prepared to address a wide range of security concerns in order to keep their web applications safe and secure.

SecurityScorecard recently participated and presented in the World Economic Forum’s (WEF) Annual Meeting on Cybersecurity, which brought together 160 leaders on cybersecurity, including: global Chief Information Security Officers (CISOs); academic thought leaders, heads of cybersecurity from multiple countries and entities (the United Arab Emirates, Canada, Singapore, Luxembourg, the European Union, and Interpol); and the CEOs of several major companies.

Recent API breaches drive home the urgency of robust security. In the T-Mobile data breach, for example, the attackers exploited vulnerabilities in an API to compromise sensitive customer data. This incident exposed millions of users to potential identity theft and underscored the devastating impact of API security lapses. Infiltrating through the API, the attackers gained unauthorized access to customer records, emphasizing the need for comprehensive protection measures.

AutoZone is a vehicle parts replacement provider and servicer. Hosting over 5,300 stores across North America alone, AutoZone is a recognizably local option for car owners stateside. AutoZone’s many locations require seamless system responses; they ensure efficient service by using applicable third-party services.

In 2022, more than 25,000 new CVEs were discovered and added to the NIST National Vulnerability Database. In just the first ten months of 2023, another 23,500 CVEs were identified and added to the NIST NVD. That’s more than 48,000 new vulnerabilities documented in less than 2 years! With so many new CVEs being identified all the time, vulnerability management can seem like an insurmountable challenge. Despite the staggering numbers, there’s good news.