Read also: A former cop gets 20 months in prison for selling victims’ personal data, a BEC scammer sentenced, and more.

The GRC Group ("GRC"or the "Group"), a leading provider of software and tech-enabled services to manage business risks and regulatory compliance, has today acquired Pentest People Ltd (“Pentest People”).

The main function of a hypervisor is to emulate the devices used by virtual machines at the software level. Devices, such as virtual controllers, disks, DVD-ROMs, video cards, network cards, input devices, etc., are created in a virtual machine. But what if you want to connect a printer, scanner, USB flash drive, USB hard drive, USB smart card reader, security dongles, USB license keys, etc.?

Dynamic Application Security Testing (DAST) is an advanced testing method that tests the production environment and analyzes application security at runtime. This type of black box testing identifies real-world vulnerabilities externally without much need for insights into the product provenance of any single component. By simulating real-world attacks in your system, DAST identifies critical security gaps that other vulnerability assessments and static methods might miss.

Cicada (also known as Cicada3301) is sophisticated ransomware written in Rust that has claimed more than 20 victims since its discovery in June 2024.

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting humans directly. “The enduring dominance of phishing as an initial access technique underscores its effectiveness and persistence in the face of cybersecurity advancements and more sophisticated methodologies,” the researchers write.

Ahead of Rubrik’s inaugural Healthcare Summit on September 12th, I thought it was appropriate to set the stage for what’s coming. Threat actors aren’t going to wait for you to get ready before they launch their attack. They’re banking on you not being able to recover your data—or not being able to recover fast enough—to maximize the damage they leave in their wake.

This past summer was the first time I watched the Olympics since moving to the U.S. Besides appreciating the sheer greatness of the American Olympic spirit, there was also another thing that could not go missed - AI! Filling up every commercial slot seemed to be AI. And mainly, the commercials focused on harnessing AI for business productivity and operations. No matter your take on the greatest Olympic moment or greatest AI commercial, one could not overlook this overwhelming trend.

On September 4, 2024, Cisco released fixes for two critical vulnerabilities in Cisco Smart Licensing Utility (CSLU), a tool used to manage licenses across Cisco products in a network. Cisco has stated that these vulnerabilities are only exploitable if the Smart Licensing Utility is actively running and has been started by a user. Note: These vulnerabilities do not impact Cisco’s Smart Software Manager On-Prem or Satellite.

In the dynamic field of cybersecurity, two essential practices stand out: Ethical Hacking and Vulnerability Assessment. Both play critical roles in safeguarding digital assets, yet they serve different purposes and employ distinct methodologies. Understanding the differences, their place in cybersecurity, and when to deploy each tactic is crucial for maintaining a robust security posture.