Implementing robust defense strategies helps to mitigate the risk of cyberthreats in the early stages of an attack. Threat hunting, as part of this strategy, enables organizations to find those unknown threats that manage to bypass technology-based controls by detecting abnormal behaviors. With a number of challenges associated with executing a defense approach, how are IT leaders approaching this problem? Pulse and WatchGuard surveyed 100 IT leaders to find out.

With just a few weeks until the April 15 deadline for US individuals and businesses to file their tax returns, scammers are as busy as ever. Security researchers at Cofsense have warned that they have seen a number of malicious email campaigns which pose as communications from the Internal Revenue Service (IRS). The emails which purport to come from “IRS.gov”, claim to contain tax forms (such as a W-9) that need to be filled out by the recipient.

Today we’re pleased to announce an update to our popular Docker and Snyk vulnerability cheat sheet. Since 2020, millions of MacOS and Windows developers have been able to use docker scan to analyze their containers in their local environments as part of their day-to-day development. This capability gives teams feedback at the time of active development for faster cycles.

The ongoing war between Ukraine and Russia has placed organizations worldwide on full alert due to the possibility that cyber attacks related to the conflict may impact organizations outside the region.

Last month, we announced the launch of our active cloud-native application runtime security. Calico Cloud’s active runtime security helps security teams secure their containerized workloads with a holistic approach to threat detection, prevention, and mitigation. As security teams look to secure these workloads, it’s also critical that they employ a defense-in-depth strategy.

A few days ago it was reported that the new Apache version 2.4.53 contains fixes for several bugs which exposed the users of the well known HTTP server to attacks: CVE-2022-22719 relates to a bug in the mod_lua modules which may lead to Denial of Service after reading from a random memory Area, CVE-2022-22720 exposes the server to HTTP Smuggling attacks, CVE-2022-22721 exposes the server to a buffer overflow when handling large XML input, and CVE-2022-23943 is a vulnerability in the mod_sed module, whi

In recent times when data breaches and cyber attacks have become so common, being cyber resilient and prepared for the attack when it happens is the new norm.

The widespread popularity of the containerized infrastructure backed by the advancement in technology, has made Linux the top priority as a host of the enterprise production environment. Red Hat Enterprise Linux default configuration settings which are more functionality-focused than being security-oriented, are often faced with the risk of infrastructure breaches.

ISO 27001 compliance provides greater assurance that an organization is adequately managing its cybersecurity practices, such as protecting personal data and other types of sensitive data. Third-party risk management (TPRM) programs can benefit immensely from implementing the relevant ISO 270001 controls to mitigate the risk of significant security incidents and data breaches.

According to a PwC poll, the epidemic has increased the number of employees working from home to almost 70%. Remote working, however, has its own set of risks. Companies are vulnerable to a host of network attacks because of employee-owned devices, insecure connections, and inappropriate device usage. That is where cybersecurity awareness training for employees comes into the picture and plays a key role in preventing cyber attacks.