Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

CMMC Audit: What is it and how to prepare for it

Business owners whose revenue streams depend significantly or partially on government contracts have been recently faced with the mandatory emerging regulations called Cybersecurity Maturity Model Certification, also known as CMMC. All organizations working with the Department of Defense (DoD) and Federal government as their prime or subcontractors must be audited against these requirements by a competent third-party CMMC auditor.

Critical Unauthenticated SQL Injection Vulnerability Patched in WooCommerce

On July 14, 2021, WooCommerce issued an emergency patch for a critical vulnerability allowing an unauthenticated attacker to access arbitrary data in an online store’s database. WooCommerce is one of the most popular e-commerce platforms in the world and is installed on over five million websites. Additionally, the WooCommerce Blocks feature plugin, which is installed on more than 200,000 sites, was affected by the vulnerability and was patched at the same time.

Enterprise Readiness made simple

I love Lego (don't we all), probably a little more than my kids. It invokes a builder's instinct. I feel the same way with code as well. When I started my career in the early 2000s building software was complex. You had to visit datacenters and set up your servers to even get started, it was the age of the ASPs; the predecessor of SaaS.

LockBit Ransomware hits again

Launched in September 2019 and formerly known as 'ABCD', LockBit is a ransomware-as-a-service (RaaS) threat that was updated in June 2021 and improved on the group’s earlier claims of having the fastest encryption process on the ransomware scene (Figure 1). Much like other RaaS offerings, LockBit operates an affiliate profit sharing program in which up-to eighty percent of a ransom payment can be earned whilst the operators claim the remainder.

How Did the Cybersecurity Ecosystem Get So Clogged Up?

Today’s enterprise operations involve the coordination of several different digital ecosystems but none quite so inflamed as the cybersecurity ecosystem. Technology has been evolving at a rapid pace, and attackers are armed with advanced tactics to steal data and expose secure information. In response, cybersecurity teams deploy numerous tools and solutions to prevent and mitigate these attacks.

5 reasons why you need Cyber Essentials

If we told you that certifying with Cyber Essentials was a simple but effective way to protect yourself from up to 80% of common cyber attack methods, wouldn’t that alone be enough to convince you it’s worth it? The Cyber Essentials scheme is a Government backed certification standard that enforces 5 key technical controls. By following these controls, you create an essential security baseline to protect your business from everyday cyber threats.

Remote learning: A bounty for online cyberattackers

On 26 April 2020, 189 countries across Asia, Europe, the Middle East, North America, and South America shut down schools marking one of the largest mass school closures in history. But today, more than a year since COVID-19 forced entire cohorts online, economies continue to flit in and out of lockdowns and schools are continuing to resort to remote or hybrid-learning arrangements.

What is the Digital Supply Chain?

The supply chain for any product has several moving parts. Each activity in the supply chain plays a role in the flow that begins with sourcing a product's raw materials and ends with delivering the finished goods to a customer. As with many other areas of modern business, digital technologies are redefining supply chains. With more technology comes increased cyber risks. This article explains digital supply chains along with their benefits and cybersecurity risks.