In February 2022, the Center for Internet Security (CIS) released the CIS Microsoft Windows Server 2022 Benchmark v1.0.0, providing security best practices for establishing a secure configuration and hardening guide for Microsoft Windows. For automation of CIS benchmarks, Get in Touch. Following this release, CIS updated their recommendations for older operating systems, extending back to Windows Server 2008 where applicable. Below we discuss CIS Windows server 2022 hardening script we feel are critical.

We live in a world where the term "cybersecurity" tends to make folks either shiver with anxiety or yawn with boredom. The narrative has always been about hacking, phishing, and all sorts of digital skullduggery. However, the overlooked truth is that users don't adopt best security practices because they’re designed without the slightest nod to the user experience.

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North Korea and Russia. “The Brazil-focused targeting of these groups mirrors the broader priorities and industry targeting trends we see elsewhere,” the researchers write.

Over time, cybercriminals find ways to exploit new cybersecurity breaches, leading to the creation of malware that compromises users' security. Every year, one or more malware variants stand out as new, evasive, or dangerous. According to our Internet Security Report (ISR), last year it was Glupteba.

Mobile devices have made it possible for employees to work and communicate from just about anywhere. But that convenience comes at a price. The rise of mobile devices and the rise of mobile security threats have gone hand-in-hand. Mobile devices like phones, tablets, and ChromeOS devices present an incredible vector for phishing, social engineering, and malware distribution—and threat actors are keenly aware of that fact.

Responding rapidly to cyber threats is a make-or-break capability in today’s high-stakes security environment. A missed alert can quickly escalate a minor incident into a major crisis, jeopardizing your organization’s critical assets and hard-earned reputation. A recent IBM study revealed that companies took an average of 237 days to identify a data breach in 2021 — an inexcusable delay that could invite catastrophic consequences. (Source: IBM Cost of a Data Breach Report 2022)

At Tines, our mission is to power the world's most important workflows, and AI has recently become a huge part of that story. We currently have two AI-powered capabilities that enable teams to work faster, reduce barriers to entry, and spend more time on the fulfilling work that attracted them to their professions in the first place. But this is only possible because they trust that these features are private and secure by design.

October is rapidly approaching, and that means new cybersecurity regulations known as NIS2 are set to be enacted by European Union (EU) member states. States are required to publish their local version of the NIS2 Directive into law by the 17th of October. Whilst many countries are well on track, however, some have already acknowledged they will not meet the deadline. This delay leaves organisations somewhat in the dark as to what they will need to comply with and by when.

The main difference between passkeys and 2FA is that passkeys completely remove the need for individuals to enter a password, whereas 2FA enhances the security of an account by requiring an additional method of authentication in addition to a traditional username and password. Continue reading to learn more about the differences and similarities between passkeys and 2FA, and which is more secure.