CIS Control 8 Center for Internet Security (CIS) version 8 covers audit log management. (In version 7, this topic was covered by Control 6.) This security control details important safeguards for establishing and maintaining audit logs, including their collection, storage, time synchronization, retention and review. Two types of logs are independently configured during system implementation.

Control 10 of CIS Critical Security Controls version 8 is focused on malware defenses. It describes safeguards to prevent or control the installation, spread and execution of malicious applications, code and scripts on enterprise assets. (In CIS version 7, this topic was covered by Control 8.) Malware, especially ransomware, has become a pressing security issue in recent years.

Contractors, freelancers, and other temporary workers have become essential parts of the modern enterprise. For IT and security teams, these individuals present unique challenges compared to full-time workers—and potential risks. The ‘offboarding’ process for these contractors is often less formal than bringing them on. Meaning, many just stop using their entitlements and accounts without actually closing them. These dormant accounts can pose serious risks to the organization.

On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The actively exploited vulnerability exists when MSDT is called using the URL protocol from a calling application, such as Microsoft Word.

In today’s data-driven world, skilled developers are much sought out for their ability to build applications that serve the Big Data needs of organizations. The sheer size, complexity, and diversity of Big Data requires specialized applications and dedicated hardware to process and analyze this information with the aim of uncovering useful business insights that would otherwise be unavailable.

New state-level data privacy laws just keep coming. By the end of 2023, California will transition to the CPRA, and residents of Virginia, Colorado, Utah, and Connecticut will be covered by more expansive state privacy laws. With 10% of U.S. states covered by data privacy legislation by the end of next year, it’s clear there’s a need for federal legislation as well. I’m pleased to see reports of positive momentum on this topic in Washington.

Developers love GitHub. It’s the biggest and most powerful collaboration platform that programmers, developers, and companies use to develop and maintain their software. It’s the biggest source code host with more than 200 million repositories. And it keeps growing. In 2021, more than 73 million developers used GitHub. It gained over 16 million new users in 2021 alone, and GitHub estimates that user numbers will increase to 100 million developers in the next five years.

On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM). The vulnerability allows an unauthenticated user to remotely corrupt an affected system to reset the administrator password at the next device reboot. Successful exploitation allows a threat actor to gain initial access using the default credentials via SSH after a device reboot.

Two-factor authentication (2FA) is a type of multi-factor authentication (MFA) used to verify users’ identities and provide an additional layer of account security. Users must enter two factors before they are allowed access to their online accounts to ensure they are who they claim to be. 2FA offers a greater level of security than single-factor authentication (SFA), which only relies on one factor, such as a password or passcode.

The answer is yes and no. While cybersecurity automation is necessary in today’s vast threat landscape, its current functionality will not replace the role of cybersecurity professionals. The use of cybersecurity automation is undoubtedly on the rise. A 2021 global Statista survey found that 35.9% of global survey respondents reported using a high level of automation in security operations and event/alert processing.