In the era of rapid digital transformation, organizations are prioritizing cloud transformation projects to enhance their operational agility, scalability and cost efficiency. However, this shift takes time and brings significant challenges, particularly in security and identity management.

ISO 27001, the internationally recognised standard for information security management systems (ISMS), provides a framework for organisations to protect their valuable information assets. Penetration testing is crucial in preventing data breaches and maintaining the business’s reputation. ISO 27001 strongly recommends it as a critical tool for assessing an organisation’s security posture and ensuring compliance with control A.12.6.1, which focuses on managing technical vulnerabilities.

On May 20, 2024, Ticketmaster parent company Live Nation Entertainment launched an investigation after detecting unauthorized activity within a database containing company data. A week later, they were contacted by someone who threatened to sell their user data on the dark web. I, like many other Ticketmaster customers, became worried about my data, so I took immediate steps to protect myself. Here is what I did.

The public sector continues to be a target for cybercriminals as ransomware attacks and data breaches hit government organizations at all levels, incurring large financial costs and operational disruptions. The public sector is especially vulnerable to cyber attacks for a variety of reasons, including legacy systems, lack of resources, large amounts of sensitive data and the fact that it manages essential services.

Imagine your financial data behind a seemingly impenetrable wall, but in reality, it's akin to a fortress with invisible cracks. That is a world without Threat-Led Penetration Testing (TLPT). As cyber threats become more nuanced and lethal, TLPT stands as a specialised sentinel in the arsenal of financial institutions, safeguarding sensitive assets through the simulation of real-world attacks.

The Importance of EPP With cyber attacks continuing unabated, neglecting endpoint security is dangerous and potentially catastrophic. Organisations must adopt reliable endpoint security solutions to prevent threat actors from hijacking business systems or stealing sensitive data. Kaspersky The recent decision by the US government to ban the sales of Kaspersky antivirus software due to its ties to Russia underscores the importance of a trustworthy software supply chain.

With over 100 million users and partnerships with Microsoft, Reddit, Stack Overflow, and more, ChatGPT has become the herald of an AI revolution since its launch in late 2022. The rise of this AI-powered natural language processing tool comes down to two distinct features: its conversational nature, which allows anyone to ask questions and receive detailed and helpful responses, and its access to a global knowledge base.

THORChain is a network that facilitates native asset settlement between various blockchains including Bitcoin, Ethereum, BNB Chain, Cosmos, and more. Overall, THORChain aims to provide a seamless and efficient way for users to exchange assets across different blockchains while maintaining a high level of decentralization, security, and community participation.

FedRAMP, the federal risk and authorization management program, is a comprehensive and structured way to develop a security – mostly cybersecurity – position when working with the federal government. It’s a framework meant for contractors and third-party businesses that handle information for the government and who need to keep it secure. The question is, if you’re a cloud service provider, what are the benefits of implementing FedRAMP?

ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 (critical), the vulnerability permits remote attackers to take control of the affected router models without needing any login credentials.