In an era where data breaches make headlines almost weekly and cybercrime costs businesses billions annually, states across the U.S. are taking decisive action to protect their residents’ sensitive information. From California’s groundbreaking privacy laws to New York’s rigorous cybersecurity requirements for financial institutions, state-level regulations are rapidly evolving to address the complex challenges of digital data protection.

The WAN landscape is evolving at a rapid pace, driven by demands of cloud, mobility, and globalization. MPLS (Multiprotocol Label Switching), a legacy transport technology, once the gold standard, now struggles to meet modern business requirements.

A newly discovered critical vulnerability, CVE-2024-53677, in Apache Struts enables remote code execution (RCE) and is actively exploited in the wild using a publicly available Proof-of-Concept (PoC). Apache Struts is an open-source framework for building Java-based web applications. It helps developers create scalable software solutions, that powers everything from e-commerce websites to financial systems and government platforms.

Microsoft 365 is now an important tool for businesses and organizations around the world. It has a full set of productivity and collaboration apps. However, with the increasing reliance on this platform, the need for robust security practices has also become more critical. Cyberthreats are constantly evolving, and it is imperative for organizations to stay updated with the latest security measures to protect their data and systems.

Each year, we revisit our risk rating system to ensure it best reflects the needs of security practitioners safeguarding their organizations and supply chains. For our recentupdate, we’ve made two closely related changes: we’ve recategorized some of our existing findings to make an organization’s risk profile more understandable and recalibrated our scoring algorithm to more clearly illustrate the impact of specific risks.

California Governor Gavin Newsom’s recent veto of SB 1047, a proposed AI safety bill, has sparked a hot debate on the balance between innovation and regulation in the artificial intelligence (AI) space. California has over a dozen AI related bills that have been signed although this bill sought to establish rigorous safety testing requirements for large-scale AI models and introduce an emergency "kill switch" for situations where systems might become dangerous.

We’re excited to share new updates and enhancements for December, including: For more information on these updates and others, please read the complete list below and follow the links for more detailed articles.

In this digital age, where cyber threats are always evolving, keeping private data safe has become important for both people and businesses. Encrypting passwords is an important part of data security because it keeps user information hidden from attackers who shouldn't have access to them. Advanced algorithms are used to encrypt passwords into unreadable form. This makes encryption a strong defense against breaches and identity theft.

We are fast approaching the end of (another) turbulent year for cybersecurity. Looking back, it's hard to believe that so much can happen in such a short time. As we finish up our work for the year, head home to our families, and prepare to close the book on 2024, it's worth considering what's next. And who better than Fortra's experts to offer insights into the year to come? Keep reading for expert predictions of cybersecurity in 2025.

Compare compliance and risk management, including how they are similar but ultimately different, and learn important best practices for unifying these strategies.