The Digital Operational Resilience Act (DORA) is set to reshape the landscape of financial services in the European Union. But its impact extends beyond EU borders, particularly affecting UK-based Information and Communication Technology (ICT) service providers. Let’s explore how DORA might influence these providers and what steps they should consider taking.

Learn how DNN SAML SSO integration enhances website security and user experience. Streamline authentication across your DNN site and applications today!

Almost every company has a system for organizing file storage, which employees use regularly. Streamlining data storage in a corporate environment is not just about improving business processes; it is also about ensuring security. It is challenging to protect data if you do not know where it is stored, what it contains, its value, who owns it, who has access to it, and what its most significant threats are. This is where Data-Centric Audit and Protection (DCAP) systems come into play.

Double extortion ransomware is a type of cyber attack in which cybercriminals steal sensitive data and encrypt it. Then, cybercriminals threaten to release the stolen data unless the victim pays a ransom. The additional threat of exfiltration makes this type of cyber attack particularly damaging for organizations, as they face the risk of sensitive data being exposed to the public or sold on the dark web.

It was a scene straight out of a casino heist movie, but without George Clooney’s suavity to soften the chaos.

For many years, Cloudflare has used advanced fingerprinting techniques to help block online threats, in products like our DDoS engine, our WAF, and Bot Management. For the purposes of Bot Management, fingerprinting characteristic elements of client software help us quickly identify what kind of software is making an HTTP request. It’s an efficient and accurate way to differentiate a browser from a Python script, while preserving user privacy.

Cloud configuration remains a critical priority for organizations leveraging cloud services, which today, is practically universal. Cloud misconfigurations, in turn, can lead to security vulnerabilities and compliance issues. That’s why it’s more important than ever for organizations to get this fundamental security function right. Here’s what you need to know about cloud misconfiguration, from what causes it to how to remediate it when it does occur. ‍

Once an attacker enters your network, one of their first actions will be to try and hide their tracks by blending in, using methods of deception such as mimicking normal user activities. A cyber defender can also use methods of deception to detect and slow the advance of these adversaries. This is known as an active defense. This article will discuss some methods of using Active Defences, sometimes referred to as ’deceptions,’ as one part of a comprehensive cyber defense strategy.

On Sunday, June 2nd 2024, a fix commit was pushed for a vulnerability in GNU’s popular Wget tool. Two weeks later, the vulnerability was assigned the ID CVE-2024-38428 and later was classified as a critical vulnerability – with a CVSS score of 9.1. In this blog, we take a dive deep into this threat by seeing what caused it, what consequences it might have, and how it can be mitigated.

Certifications are a great way for customers to get confidence that the company they’re trusting with their cyber security is up to the job. So, when the Cyber Advisor scheme was launched, we thought it was a great opportunity to invest in our staff. In this Q&A blog we’ll look at what a Cyber Advisor is, what it means for your business, and what it means to our staff – as we talk to Bulletproof’s first Cyber Advisor, Jemma Aldridge.