Rubrik Zero Labs is excited to share “The State of Data Security: The Human Impact of Cybercrime”. This in-depth global study commissioned by Rubrik and conducted by Wakefield Research gives businesses around the world a deeper look into the challenges that IT and security decision-makers face, the effects of those challenges, and subsequent solutions. This study engaged over 1,600 senior IT and cybersecurity leaders with more than half at the CIO and CISO level.

Using your browser’s password manager to save the passwords for all your accounts can be tempting. Although it seems like it’s going to be the most seamless experience, it’s actually not. Browser password managers are not safe because they are not encrypted and they can be easily compromised – leading to your passwords also being compromised and more. Read on to learn why browser password managers are not safe to utilize.

On November 1 the OpenSSL Project released patches addressing the previously rated "Critical" vulnerability that was pre-announced last week. The "Critical" rating has been downgraded to "High.".

As digital business becomes more widespread, the need to ensure data security increases. One way to test its effectiveness is through penetration testing. Penetration tests are performed by ‘ethical hackers’ who attempt to gain access to systems and data to find vulnerabilities. By doing so, businesses can then take steps to mitigate these risks. Companies should consider penetration testing as an essential part of their overall security strategy.

In October, BleepingComputer reported that the websites of several airports were experiencing service disruptions after the KillNet threat actor group announced that they would target airports throughout the U.S.

We’ve made it through spooky season once again, but there is still plenty of scary business unfolding in the world of cybersecurity. October offered several useful cautionary tales for organizations, including a company that took fast action and averted a threat, one that overlooked a security gap for far too long, another that offered a crucial reminder about improper conduct, and one more that … well, we’re not quite sure what the heck happened with that one.

Yesterday, TechCrunch broke a story about pharmaceutical giant AstraZeneca, which experienced a leak affecting sensitive patient data. We think this incident is worth reviewing to learn more about how data exfiltration risk is distributed across the entirety of an organization’s SaaS infrastructure.

On November 1st, Dropbox disclosed a security breach where the attackers stole over 130 code repositories after gaining access to one of the employee’s GitHub accounts using the stolen credentials of that employee via a well-designed phishing attack.

One of the most challenging positions within an organization is that of a chief information security officer (CISO). A little while back, I had an opportunity to sit down with Chris Hughes, CISO and co-founder of Aquia, to discuss his experience in the role. Acquia is an open source digital experience company that empowers the world’s most ambitious brands to embrace innovation.

On November 1st 2022, the OpenSSL team released an advisory detailing two high severity vulnerabilities — CVE-2022-3602 and CVE-2022-3786. This was pre-announced as a critical bug, but later downgraded to high for the actual release. This could still be problematic though, OpenSSL is one of the predominant encryption libraries and is underpinning a significant portion of the internet’s TLS protected communications.