Vulnerability management programs attempt to identify and correct software vulnerabilities before they pose a significant threat to an organization’s cybersecurity. To learn more about how to design and implement a vulnerability management program, check out these resources: This article describes the tools that an organization will need to implement an effective vulnerability management program.

Netskope Threat Labs publishes a quarterly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

Cybersecurity in 2024 has seen a shift toward open, collaborative intelligence sharing across industries. This shift is promising but not yet complete; significant gaps remain in intelligence sharing, especially following cyber incidents. Victim organizations are often hesitant to share attack details due to fears of reputational damage and stigmatization.

In recent years, the security of the United States' critical infrastructure has become a pressing concern, particularly in the oil and gas sector, due to its pivotal role in the nation's economy and energy supply. Recognizing this, the Transportation Security Administration (TSA) implements several new directives in July each year aimed at enhancing the security and resilience of vital energy infrastructure against various threats, including cyber-attacks and physical disruptions.

Continuous vulnerability management is not just a best practice—it's a necessity. With so many open-source dependencies to choose from (almost 3 million on the npm registry!), it’s no wonder supply chain security incidents are the focus of malicious actors. Let’s not forget the rise of ChatGPT, LLM chatbots, and AI-assisted code generation.

The holiday shopping season is almost here, and according to the 2024 Trustwave Risk Radar Report: Retail Sector, threat actors have honed their skills and are prepared to use ransomware and phishing attacks that leverage well-known online brands to conduct direct attacks and fraud operations against retailers and consumers. Skills they will then use to infiltrate retail organizations of all types throughout the rest of the year.

This post is based on ongoing security research – and will continue to be updated as we get additional information…

With an average of more than 5 data breaches globally a day, it’s clear companies need a way to prevent data loss. This is where a data loss prevention policy comes into play. A data loss prevention policy serves as a crucial safeguard against unauthorized access, data breaches, and compliance violations. This comprehensive framework outlines strategies and procedures to identify, monitor, and protect valuable data assets across an organization’s network, endpoints, and cloud environments.

CVE-2024-47575, also known as FortiJump, is a critical (9.8) missing authentication vulnerability affecting critical functions in FortiManager and FortiManager Cloud versions. Threat researcher Kevin Beaumont published a blog post on October 22nd, 2024 identifying this vulnerability as a zero day. This vulnerability is separate from CVE-2024-23113, which also affects FortiGate devices.

In the wake of Cisco’s recent data breach involving exposed API tokens - amongst other sensitive information - the cybersecurity community is reminded once again of the significant risks associated with unsecured APIs. Though Cisco has asserted that the damage was limited to a public-facing environment, such breaches demand a more cautious evaluation. Exposing sensitive information like API tokens, credentials, and even source code can have broader security implications than initially apparent.