Most websites do not have their own individual server, instead they share a server along with multiple other websites and applications. All websites hosted from this server will therefore have the same IP address. This can be problematic as the server can’t differentiate which website to serve if many websites are hosted on the same IP address and port. It will serve the default website regardless of the requested domain.

Onboarding is perhaps the most precarious phase of the Vendor Risk Management process. A single oversight could expose your organization to dangerous third-party security risks, increasing your chances of suffering a data breach. This post explains how to bolster the most vulnerable access points of the vendor onboarding process to help you securely scale your VRM program.

In the realm of office dynamics and cybersecurity, sometimes the simplest strategies are the most effective. One such strategy that has gained popularity here amongst our ranks is the penalty of buying doughnuts for the office whenever someone forgets to lock their computer when stepping away. This sweet approach not only keeps cybersecurity at the forefront of everyone’s mind but also fosters a sense of camaraderie and accountability.

More than a quarter (26%) of organizations around the world provide no security awareness training for their employees, according to a survey by Hornetsecurity. The researchers found that smaller companies in particular tend to lack security training programs. “This significant oversight in cybersecurity education highlights a critical vulnerability within the corporate world, particularly in smaller companies,” the researchers write.

What and where is our most critical data or system(s)?

ADC vendor landscape is experiencing a significant change as a result of acquisitions and shifting portfolio priorities among the two largest ADC vendors. That is bringing about uncertainty with customers who have relied on these vendors for their mission-critical application infrastructures. Businesses are built on applications, and for digital-first businesses, they are critical for driving revenue and delivering a positive customer experience.

The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. As part of the strategy, the strategy included updates to Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2).

The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that a company depends on for a particular first-party service (such as their website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.

In the ever-evolving landscape of cybersecurity, the tools designed to protect us can sometimes become our greatest vulnerabilities. This paradox is becoming evident as attackers increasingly target Check Point VPNs, exploiting them to gain initial access to corporate networks. Recent findings highlight a growing trend where cybercriminals are leveraging vulnerabilities in remote access VPNs, posing a significant risk to organizational security.

The cybersecurity landscape has recently been shaken by a surge in activity involving a Mirai distributed denial-of-service (DDoS) botnet variant known as CatDDoS. Over the past three months, threat actors have aggressively exploited more than 80 vulnerabilities to spread this malware. In this blog, we explore the recent CatDDoS attacks, the targeted sectors, and the implications for cybersecurity practices.