Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Future of Cybersecurity: Insights and Predictions for 2025

2024 marked a transformative shift in cybersecurity with AI and data driven cyber security leading the change. As the threat landscape evolves, the stage is set for further advancements in continuous risk management, threat monitoring, resilience, and governance in 2025, shaping a more secure and dynamic digital landscape where cybersecurity is becoming a catalyst for business success and compliance.

CVE-2024-47836: HTML Injection Vulnerability in Admidio User Management

On October 9, 2024, the security researchers at Astra Security found an HTML injection vulnerability in the messages section of the Admidio User Management solution. The vulnerability, assigned CVE-2024-47836, allows attackers to inject arbitrary HTML content into the application, which could manipulate webpage behavior, mislead users, and act as a precursor to further attacks.

Russia's APT29 Launches Major Spear Phishing Campaign

Trend Micro warns that the Russian state-sponsored threat actor Earth Koshchei (also known as “APT29” or “Cozy Bear”) is using spear phishing emails to trick victims into connecting to rogue Remote Desktop Protocol (RDP) relays. “Earth Koshchei’s rogue RDP campaign reached its peak on October 22, when spear-phishing emails were sent to governments and armed forces, think tanks, academic researchers, and Ukrainian targets,” Trend Micro explains.

"Get Beyond Security Awareness Training" Does Not Mean Forgetting About It

KnowBe4 is a big believer in focusing on decreasing human risk as the best way to decrease cybersecurity risk in most environments. A big part of decreasing human risk is using effective security awareness training (SAT). You do not want to just focus on SAT, but SAT is a big part of decreasing human risk. To be sure, your human risk management projects need to be broadly focused on more than SAT. We agree.

Do You Need More Than One PAM Solution?

No, you don’t need more than one Privileged Access Management (PAM) solution to protect your organization if you find one that encompasses zero-knowledge security, granular access control, session management and automated password rotation. Previously, your organization may have needed multiple PAM solutions for various tasks; however, KeeperPAM is a unified platform that provides centralized cloud management of privileged access, passwords, secrets and connections.

CIO POV: Beware of Deepfakes Infiltrating the Enterprise

Many years ago, the philosopher Phaedrus said, “Things are not always what they seem; the first appearance deceives many; the intelligence of a few perceives what has been carefully hidden.” He couldn’t have possibly imagined today’s world, yet his warning encapsulates deepfakes, one of the greatest threats of modern times. As AI advances, digital disinformation is blurring the lines between fact and fiction.

Closing the IT Skills Gap: How SASE Empowers and Retains Top Talent

In today’s competitive job market, employees are increasingly seeking a sense of purpose and belonging in their work environments. As McKinsey reports, purpose has become a pivotal factor in employee retention. IT leaders who fail to connect their teams’ day-to-day tasks to a broader mission risk losing top talent to organizations that do.

Top 8 Ways To Align Business Value With IT Outcomes Using Cato SASE Cloud

In today’s rapidly evolving digital landscape, IT leaders are under constant pressure to deliver outcomes that align directly with business value. Gone are the days when technology decisions were made in isolation. Today, every IT investment must contribute to operational efficiency, cost savings, security, and scalability—all while empowering the business to innovate and grow.