New software security data demonstrates that Software Composition Analysis (SCA) will help bolster the safety and integrity of open-source software usage for organizations in the Europe, Middle East, and Africa (EMEA) region in particular. The EU Cyber Resilience Act makes this research especially crucial and timely. Let’s dive in and look at recommendations for EMEA teams wanting to secure cloud-native development.

Based on the popularity of last year's Macro-level ATT&CK Trending, we’ve updated the dataset for another year’s worth of insights. This data summarizes the frequency of MITRE ATT&CK technique observations across thousands of cyber incidents over the past four years. In this post, we’ll look at the contents of the updated dataset, using Splunk to pull out trends based on this ultra large-scale attacker landscape!

Security professionals are burning out, and they often aren’t getting enough support from their higher-ups. In fact, Devo and Wakefield Research have found that 45% of IT professionals surveyed felt that their leaders haven’t proactively responded to employee burnout, and 59% wish their leaders would offer additional training, mentorship, and development. Responsibility for tackling this issue lies with InfoSec leaders and their organizations.

Despite concerns of a global recession, a new IDC Worldwide Spending Guide forecasts cybersecurity investments will reach $219 billion in 2023, an increase of 12.1%. No doubt, the ongoing rise in cyberattacks and an increase in focus by boards and the C-suite on mitigating risk and building resilience are behind the steadfast commitment to invest in security solutions and services.

As an MSP, one of the best ways to secure your customers' devices is to deploy a layered endpoint security strategy. By following this approach, you establish a proactive posture, which helps prevent intrusion attempts and breaches, and is complemented by continuous monitoring and response capabilities to minimize the risk of incidents. This benefits your customers and helps boost their confidence in your business, enhancing your cybersecurity offering and management.

On September 20, 2023, JetBrains published a blog detailing a critical Remote Code Execution (RCE) vulnerability that was identified in TeamCity On-Premises (CVE-2023-42793). This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 9.8 and can allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform RCE. All versions of TeamCity On-Premises are affected by this vulnerability.

In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government.

The best part of our job is the time we spend talking to Cloudflare customers. We always learn something new and interesting about their IT and security challenges. In recent years, something about those conversations has changed. More and more, the biggest challenge customers tell us about isn’t something that’s easy to define. And it’s definitely not something you can address with an individual product or feature.

In our increasingly interconnected world, wireless networks have become the lifeblood of modern communication and productivity. However, this convenience comes with a price – the heightened risk of wireless attacks. In this in-depth blog, we will delve into the technical intricacies of safeguarding your network against wireless threats. Armed with this knowledge, you can confidently defend your wireless infrastructure against potential attackers.

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust. While it can be fun to swap your face with the Mona Lisa, there are some significant concerns around how these can be used to deceive us. Let’s take a look at some of the methods used, and ways to spot red flags.