On August 22, 2024, a remote code execution vulnerability (CVE-2024-40766) was disclosed in SonicOS, affecting a selection of SonicWall firewall devices. At the time of disclosure, active exploitation was not known and no proof-of-concept exploit was publicly available. As of September 6, 2024, however, the security advisory has been updated with additional details, indicating that the vulnerability is potentially being actively exploited.

On September 5th, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) issued an urgent advisory warning security teams about efforts undertaken by threat actors affiliated with Russia’s General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155).

Demonstrating Return on Investment (ROI)—showing how your security investments translate into tangible business value—helps assess their impact. Veracode Dynamic Analysis enables you to deliver secure software that aligns with business goals such as reducing risk, cutting costs, and saving time. To see the potential business value of Veracode Dynamic Analysis for your organization, check out our ROI calculator.

Increasing digitalization and connectivity mean the attack surfaces of most organizations are growing. This means more IT assets to track and manage, plus more potential attack routes for threat actors to target. The threat situation is constantly increasing, especially in the area of vulnerabilities – last year over 30,000 new vulnerabilities were published. So how can you get an accurate view of your attack surface and where it might be open to exploitation?

Did you fall for a scam and accidentally give your card details to a scammer? To protect yourself and your finances, you should lock your card, contact your card issuer and freeze your credit report. Continue reading to learn what you should do if you’ve fallen for a scam and how you can avoid scams in the future.

Whenever anything of value is transferred between parties online, there will be crooks lurking in the shadows, looking to defraud the participants. As consumers, we almost expect them to be there. As businesses, it’s often our responsibility to protect our customers and prospects from being defrauded by bad actors masquerading as our representatives. Airline-related fraud accounts for an estimated 46% of all fraudulent online transactions.

The Security of Critical Infrastructure (SOCI) Act in Australia mandates that organizations operating within critical infrastructure sectors implement robust cybersecurity measures to protect against an increasingly diverse and sophisticated range of cyber threats. These sectors, which include energy, water, communications, healthcare, transport, and other essential services, are vital to national security, public safety, and economic stability.

Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products. It would be pretty simple to create a phishing attack that sends its’ victims a brand-impersonated email with a link that takes you to an impersonated webpage that asks for credentials, personal details or credit card information. But many of today’s security products will detect the impersonation immediately.

In this article, we’ll take a deep dive into osquery tables, by talking about osquery’s ‘file table’ which has some powerful abilities, along with its fair share of limitations.

Here we provide an overview of the ISO 27001 audit process, so companies can embark on it with a clear idea of what it entails, and how they stand to benefit.