CIS Benchmarks are a focused set of guidelines for the secure configuration, vulnerability detection, and threat remediation of distributed workloads. In this article, we compare the leading CIS tools that scan against the CIS Kubernetes benchmark framework. Security frameworks help modern software organizations define their risk management processes and platform requirements to prevent cyber threats.

As 2024 draws to a close, the cybersecurity landscape continues to evolve, marked by both familiar adversaries and emerging threats with newer technologies and improved tactics. Rather than merely cataloguing breaches, we look into the anatomy of significant cyber attacks, associated vulnerabilities that led to such events, and relevant controls. We’ve chronicled key developments month by month, offering a comprehensive view of the cyber attacks of 2024 narrative that would help you learn lessons.

Your organization can eliminate standing access by implementing Just-in-Time (JIT) access, using Remote Browser Isolation (RBI), implementing Zero Trust Network Access (ZTNA) and following the Principle of Least Privilege (PoLP). Standing access occurs when users have indefinite access to resources – regardless of their necessity. Privileged accounts are typically given standing access because they need sensitive data frequently.

You can protect your home computer by securing your router, configuring your firewall, installing antivirus software, backing up your data regularly and using a password manager. If your entire family uses your home computer, protecting it is important for keeping your family’s data and identities safe from viruses, malware and hackers. Continue reading to learn why it’s important to protect your home computer and the eight best practices to protect it from cyber threats.

Hacktivism – the practice of carrying out cyberattacks to advance political or social goals – is not new. Hacktivist attacks go as far back as the 1980s. Yet today’s hacktivists often look and operate in ways that are markedly different from their predecessors. They’ve embraced new techniques, they often have more resources at their disposal and they can prove more challenging to stop.

As organizations continue to embrace digital transformation, their infrastructure increasingly spans cloud environments, third-party integrations, and remote work setups. This shift enhances efficiency and productivity—but also broadens the digital attack surface, creating new points of exposure to the public internet.

As developers increasingly adopt chain-based and agentic LLM application architectures, the threat of critical sensitive data exposures grows. LLMs are often highly privileged within their applications and related infrastructure, with access to critical data and resources, making them an alluring target for exploitation at the client side by attackers. In particular, LLM applications can be compromised to expose sensitive data via prompt injection attacks.

In an era where innovative technologies are emerging left, right, and center, two of the most influential in recent years are experiencing exponential growth. Virtual Reality (VR) and Augmented Reality (AR) are immersive technologies that have now firmly integrated into numerous industries. As these technologies have become more prevalent in our personal and professional lives, they bring with them security and privacy challenges that are hard to overlook.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Stand-by for a whole lot more spam and phishing emails. It never ends does it?

Multi-Factor Authentication (MFA) is an important security measure because it requires an additional form of authentication before a user can access an account, service or app. Microsoft found that MFA can block over 99.9% of account compromise attacks, making it one of the most important cybersecurity measures you can implement to protect your accounts. Continue reading to learn what MFA is, why it’s important and different ways you can enable MFA on your accounts.