Forescout’s Vedere Labs, in partnership with CyberMDX, have discovered a set of seven new vulnerabilities affecting PTC’s Axeda agent, which we are collectively calling Access:7. Three of the vulnerabilities were rated critical by CISA, as they could enable hackers to remotely execute malicious code and take full control of devices, access sensitive data or alter configurations in impacted devices.

Asset inventory is a significant part of a comprehensive security plan for all organizations. After all, if you do not know what assets you have, then you cannot manage them. Even a small company can amass a surprisingly large amount of assets. It is no surprise that accounting for all of these assets can be like chasing a moving target, as new and old assets must be accounted for, and conversely, decommissioned assets must also be removed.

Elastic Security discovered PHOREAL malware, which is targeting Southeast Asia financial organizations, particularly those in the Vietnamese financial sector. Given the continuous pace of malware development, it's no surprise that adversarial groups will leverage successful campaigns as the basis of developing future attacks, and the recently discovered backdoor campaign targeting Vietnamese financial services is no exception.

ISO 27001 (or ISO/IEC 27001) is the leading international standard on information security management. As part of a wider set of related ISO (International Organisation for Standardisation) standards - the ISO 27000 series – it provides a well-defined framework to help any business create, implement, and maintain an effective information security management system (ISMS).

The complexity of keeping organizations, customers, and employees safe from cyber threats increases every day. Security teams are often overwhelmed with the need to manage multiple workflows across a myriad of tools. The combination of Humio and Tines helps customers build a clear picture of what's really going on within their environment and automate effective responses at speed and scale.

In honor of International Women’s Day we once again asked the amazingly talented women of archTIS to share their insights as women in tech. This year our Finance and HR leads share their important roles in the company, experiences, and offer advice to young women considering a career in cybersecurity.

A dynamic, data-centric approach is key to securing sensitive information and achieving compliance in our modern world of hybrid IT solutions, but what are the differences between RBAC vs ABAC the two common access controls approaches? Over the last two years, companies have seen an expedited shift away from using traditional methods to access their data. With more employees working remotely, we find the security controls we have spent years refining are no longer adequate.

2021 was the year that marked a major cyber-attack against a critical national infrastructure organization whose impact was felt by millions of Americans on the East Coast. However, the attack against the Colonial Pipeline Company was not the only incident that affected the Operational Technology (OT) systems of a critical sector for the U.S. national economy.

In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood these threats to be the direct result of banking services moving to more complex and heavily used digital platforms. The new Standard emerged as an offshoot to the Notifiable Data Breach Scheme, which came into effect in early 2018.

Windows 11 is coming. Ever since its release in October 2021, users have been checking for updates, eagerly waiting to upgrade. Microsoft’s requirements are stricter than usual, and thus the feature rollout is coming in episodes. Existing Windows 10 users can download it for free. For the rest, there are a few compatibility checks before upgrading.