UpGuard is excited to announce the latest addition to our Vendor Risk Questionnaire Library: the DORA (Digital Operational Resilience Act) questionnaire! The addition of DORA to the Questionnaire Library reflects UpGuard’s ongoing commitment to providing our customers with the necessary tools to navigate today’s evolving regulatory standards.

…In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always prioritize security in your decisions. After all, in this interconnected digital world, we’re all in this together.

Software as a Service (SaaS) has quickly become popular and has changed the way businesses work by making them more scalable, flexible, and efficient. Cloud-based apps are convenient, but they also come with the duty of keeping them safe from cyber threats. As more businesses move private data to the cloud, security for SaaS has become very important. This is because the data is vulnerable to risks like cyberattacks, data breaches, and unauthorized access.

The ability to manage and monitor your attack surface is no longer a luxury—it’s a necessity. The rapid expansion of networks, coupled with the shift to cloud computing and remote work, has created a vast and ever-changing attack surface that requires constant vigilance. This article delves into the most effective attack surface management tools and techniques, offering insights into how they can bolster your cyber security posture and safeguard your organisation against evolving threats.

On September 24, 2024, Hewlett Packard Enterprise (HPE), the parent company of Aruba Networks, released a security bulletin addressing three critical command injection vulnerabilities affecting Aruba Networking Access Points. These vulnerabilities, identified as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, could allow remote unauthenticated attackers to execute code with privileged access.

Software platforms are being used more and more by companies to run their operations, store private data, and talk to customers. Ransomware attacks are becoming more common because people depend on them so much. One of the scariest types of hacks is the CDK ransomware attack, which is aimed at companies that use software from CDK Global.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS) recently issued a joint advisory on the RansomHub ransomware. RansomHub is a ransomware-as-a-service variant, previously known as Cyclops and Knight. Since February 2024, it has encrypted and exfiltrated data from over 210 victims spanning multiple industries.

What you need to know about cyber resiliency and protecting your organization from threats and other business disruptions by ensuring continuity.

In many standard enterprise applications, consistent logging serves a multitude of purposes. It helps businesses identify and rectify errors, provides valuable analytical insights, and lets you test new solutions. However, this also makes log injections one of the most common ways hackers can hijack or even gain access to sensitive user information.

Data has become organizations' lifeblood. However, with the exponential growth of data comes unprecedented challenges in securing it across both short-term and long-term storage. To make matters worse, cyber threats are evolving rapidly, and businesses need robust solutions to safeguard their critical data. We're excited to announce a groundbreaking partnership between Rubrik and Pure Storage.