On December 9, 2021, Apache upended the cybersecurity industry by publishing a zero-day vulnerability (CVE-2021-44228) for its ubiquitous Log4j logging utility. Dubbed Log4Shell, the remote code execution flaw (CVSS score:10) allows an attacker to take control of a connected device and run malicious code, access sensitive data or alter its configuration. Because Logj4 is free and easy-to-use, it’s embedded (often deeply) in Java applications used by IT and OT platforms worldwide.

Recent advancements in machine learning, the latest on Black Proxies, and the DHS Cyber Safety Board’s plan to review Lapsus$ gang’s hacking tactics.

We are excited to share that Vanta has been named the #1 Leader in G2’s Winter 2023 Grid® Report for Security Compliance. We’ve also been recognized as the #1 Leader in G2’s Cloud Compliance category for the sixth consecutive season, and retained leadership in Vendor Management, Vendor Security and Privacy Assessment, Cloud Security, and IT Asset Management for multiple seasons. Vanta is the leader in a total of 19 G2 categories. ‍ ‍

Corelight Labs, our amazing research team, has been hard at work on another content collection which we are excited to introduce: the Corelight Entity Collection. Corelight evidence is powerful and comprehensive. So comprehensive, in fact, that it can sometimes be hard to know where to start. Providing customers faster ways to find meaningful context in our data was the driving force behind the creation of the Entity Collection.

EV Code Signing Certificate resides at the top of the digital certificate hierarchy due to its enormous security functionalities. Organizations active for a minimum of three years can only obtain it by undergoing a strict validation process. In addition, Certificate Authorities perform a rigorous verification of all documents before issuing the EV Code Signing Certificate.

Finding out that someone has guessed your password can be a scary feeling. Passwords protect your important data, so having someone guess it is a major threat to your security. There are several ways someone could have guessed your password including having bad password habits and easy-to-guess security questions. Read on to learn more about password guessing and the steps you can take to avoid it from happening to your accounts.

In light of the numerous large-scale cyberattacks witnessed in the last year, 2023 promises to be an exciting time for cybersecurity. Outpost24 experts share their thoughts on what we can expect in the new year, and how to best prepare against new threats.