The Sarbanes-Oxley Act (SOX), enacted by the United States Congress in 2002, is a landmark piece of legislation that aims to improve transparency, accountability, and integrity in financial reporting and corporate governance. The act was a response to high-profile corporate scandals, such as those involving Enron, WorldCom, and Tyco International, which shook investor confidence and underscored the need for regulatory reforms to prevent corporate fraud and protect investor interests.

While the Fourth of July is typically considered a day of celebration for those in the U.S., many don’t realize it’s also a period of heightened risk. In fact, this isn’t unique to the Fourth of July: holidays often see an uptick in cybersecurity threats. With the Fourth of July nearly upon us, let’s examine why this happens and how you can protect yourself and your business.

For the Sysdig Customer Success team, our mission is simple: ensuring that our customers get the most value from our product. Usually that means helping them use the product, answering questions, and requesting feature enhancements. In our line of work, sometimes you have to throw out the usual playbook to make things happen. This particular story started when we noticed a change in a customer’s agent usage.

SASE is all about strategically solving business problems. The systematic removal of technology barriers standing in the way of business outcomes. It is a brand new “how” (platform) for a well-known “what” (features). When we started Cato in 2015, we were immersed in skepticism. Can you actually build a cloud network that will replace MPLS circuits with decades of proven reliability?

No, you don’t have to change your password every 90 days. This idea of regularly changing your password is known as password rotation. The main benefit of changing your passwords so often is to prevent unauthorized users from accessing private information. For personal accounts, changing your passwords every 90 days can actually end up being worse than keeping them the same.

All Surface Monitoring users can configure Attack Surface Policies directly from the new Domains page, enabling various combinations of characteristics that were previously unavailable. Users are now alerted when policy breaches occur directly through their integrated tools, such as Slack and Jira.

The number 42 has gained legendary status in popular culture, largely due to Douglas Adams’ science fiction series, The Hitchhiker’s Guide to the Galaxy. In this series, a group of hyper-intelligent beings build a supercomputer named Deep Thought to calculate the “Answer to the Ultimate Question of Life, the Universe, and Everything”. After much contemplation, Deep Thought reveals the answer to be simply “42”.

For years, we as security practitioners were promised that AI and machine learning would change our lives for the better, but time and time again, the companies that touted this technology disappointed us. In the first decade or so of AI-branded security tools, we saw plenty of products that demoed well, but were completely undeployable.

A high-severity remote code execution (RCE) vulnerability, CVE-2024-6387, has been discovered in OpenSSH’s server by the Qualys research team. This vulnerability is particularly concerning as it revives an issue that was previously addressed in 2006, highlighting the persistence of hidden bugs in widely used secure software. This discovery follows another significant vulnerability in the XZ Utils library found just a few months ago, underscoring ongoing security challenges.

Modern cybercriminals aren’t just after your average employee. They’re targeting DevOps engineers – the gatekeepers of critical infrastructure and valuable data. 90% of data breaches start with phishing. Traditional awareness training often needs more technical depth. These programs tend to focus on generic red flags (e.g., suspicious links and requests for sensitive information) that are easily recognized by most.