Vulnerability management can be more than just running scans and sorting by Common Vulnerability Scoring System scores! Take your program to the next level by adding a threat-based approach to vulnerability management by combining the hacker mindset with cyber threat intelligence. With so many vulnerabilities published daily, having a team knowledgeable with the latest threats can help IT teams quickly identify assets that require expedited remediation.

Phishing is a well known threat that users are constantly being warned about, but as we are in Cybersercurity Awarenss Month though, some may still be wondering what exactly phishing is and how to prevent it. In this blog, I am going to dig into how you can recognize phishing and how enabling multi-factor authentication can help keep you safe.

With Elastic 8.5, we are excited to announce that the Cloud Workload and Posture capabilities are now generally available with this release! As organizations move rapidly to adopt newer cloud technologies, security teams are tasked with protecting their organization’s assets and data across various platforms — including endpoints, cloud, and on-prem environments.

Perhaps it’s fitting that 2022 Cybersecurity Awareness Month ended on Halloween as there are a few similarities that can be drawn between these two events. Cyberattacks are scary. Ransomware is kind of like to older kids threatening to egg your house unless you give them all your candy. And is there really a difference between a child dressed up as Buzz Lightyear or Captain Marvel and a well-crafted socially engineered phishing email? After all, neither are as they appear…..

The cybersecurity industry’s current struggle — to close a significant gap between the numbers of job openings and qualified candidates — began years before the coronavirus pandemic sparked the Great Resignation. Today, (ISC)² reports a global cybersecurity workforce gap of 2.7 million people. The pandemic did compel enterprises to accelerate their migration of applications to the cloud, increasing the challenge for already-overwhelmed security teams.

OpenSSL released version 3.0.7 with security fixes for High Severity vulnerabilities CVE-2022-3786 & CVE-2022-3602 discussed here. Here's how to know if you're affected and what to do if you are.

The OpenSSL Project team announced two HIGH severity vulnerabilities (CVE-2022-3602, CVE-2022-3786) on October 25, which affect all OpenSSL v3 versions up to 3.0.6. These vulnerabilities are remediated in version 3.0.7 which was released November 1. OpenSSL 1.X versions are unaffected by the vulnerabilities.

“Digital trust” is a hot topic at the moment—with McKinsey as the latest to dive into the term. The consultancy’s “Why Digital Trust Matters” report presents global research among business leaders and consumers, exploring consumer perceptions of digital trust, and the behaviours it motivates.

Although still in its early stages, the Metaverse is well on its way to becoming a full-blown reality. This monumental achievement was only made possible by the pandemic speeding up the implementation of VR and at-home digital services and by the subsequent penetration of these services among all demographic groups, especially younger people. But as the world steams forward into the great digital unknown, very few people are asking the fundamental question: is the Metaverse what humanity needs right now?