Recently, the cybersecurity world has been abuzz with discussions about Phemedrone, a newly emerged stealer exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. The project was most recently available on GitHub; however, the project was taken down, and the associated account was removed. Active development still occurs via Telegram.

When the pandemic hit in 2020, our world became chaotic overnight. Throughout the nation, individuals were met with layoffs or stringent checks—pushing the financials of families to their breaking points. Simultaneously, business organizations faced similar issues; because fewer bodies were allowed in the same area, production trickled to a minimum, niche clients limited their spending, and small businesses counted the days until their doors closed.

As the cybersecurity landscape continues to evolve, the importance of rigorous and proactive security measures has never been more pronounced. The Network and Information Security (NIS2) Directive, an initiative by the European Union, is set to redefine cybersecurity standards for essential and important entities, emphasizing the need for robust risk management, incident response, and business continuity planning.

As businesses shift to modern hosting platforms, they must go beyond just network security and pay closer attention to protecting their applications. Simply building walls around data centers won’t keep attackers away when apps are in the cloud. In today’s digital world, where companies depend on cloud services for storage, computing, and software, having strong cloud security is crucial.

PCI DSS compliance is crucial for any business that processes, stores, or transmits cardholder data. But who exactly is responsible for implementing and enforcing PCI DSS requirements? This blog post will unpack PCI data security standard controls, who owns them, the penalties for non-compliance, and how a Governance, Risk management, and Compliance (GRC) platform like ZenGRC can help streamline compliance.

TrustCloud gets better every day! Here are some new features our teams have rolled out in the new year.

Considered the "brain" of industrial automation, programmable logic controllers (PLCs) are an important factor in industrial control systems (ICS), especially for critical infrastructure in the public sector. PLCs are an industrial computer used to control automated devices in a variety of industries, including industrial manufacturing and critical infrastructure. This article offers suggestions for PLC security risks, as well as cybersecurity standards for risk mitigation.

I recently had the opportunity to speak with three CrowdStrike customers who shared their stories on why they consolidated on the CrowdStrike Falcon® XDR platform and the benefits of CrowdStrike’s tech integrations with partners like Okta and Zscaler. The 30-minute virtual panel, “Customer Best Practices for Security Consolidation Success,” is brimming with helpful information for security professionals. Why is this topic top-of-mind for so many?

For the second consecutive year, WatchGuard Technologies was recognized as a Cybersecurity Channel Champion in the 2023 Canalys Global Cybersecurity Leadership Matrix. The annual report assesses vendor performance in the channel over the previous 12 months based on partner feedback, vendor surveys, Canalys shipment estimates, and analyst insight.

Attacks targeting Swiss residents increased 10% last year, according to newly-released data that shows a growth in not just phishing attacks, but brand impersonation at purely a national level. The Swiss Federation’s National Cyber Security Centre (NCSC) hosts a phishing site reporting tool where individuals and businesses can report suspicious websites and emails. They analyze and track reports, consolidating their findings annually into their Anti-Phishing Report.