Server hardening is a process that secures, essentially “hardening” a server infrastructure reducing the attack surface, which encompasses all potential entry points that unauthorized attackers could exploit. The objective is to enhance protection, minimize vulnerability and improve security posture. Achieving security and compliance requires implementing server hardening as an essential prerequisite. Server hardening is a proactive process that involves.

Telehealth or telemedicine is one of the most common ways of providing healthcare services in the EU, with nearly 77% of countries adopting some type of telehealth service. Countries like Norway, Sweden, Denmark, and Italy are considered some of the world’s leaders in providing telehealth services. Following the COVID-19 pandemic, telehealth became widely adopted across Europe, with many countries participating in cross-border collaboration.

To help secure sensitive data, emails that include health and care information sent to and from health and social care organisations are required to meet the Secure Email Standard (DCB1596). In this article, we discuss the standard, what it covers, and how to ensure your organisation fully meets its requirements.

Generative AI is an exciting technology that is now easily available through cloud APIs provided by companies such as Google and OpenAI. While it’s a powerful tool, the use of generative AI within code opens up additional security considerations that developers must take into account to ensure that their applications remain secure. In this article, we look at the potential security implications of large language models (LLMs), a text-producing form of generative AI.

The cloud provides multiple benefits for running services and storing data. Just like with data stored on-premises, data stored offsite and in the cloud should be backed up. Data stored in the cloud is not invulnerable by default, as the risk of data loss is still present due to accidental deletions and cloud-specific threats. At the same time, the cloud can be useful for disaster recovery.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently announced that they are investigating a major breach at Sisense, a business intelligence company.

In a digital era marked by rapidly evolving threats, the complexity of cybersecurity challenges has surged, pressing organizations to evolve beyond traditional, tech-only defense strategies. As the cyber landscape grows more intricate, there's a pivotal shift towards embracing methods that are not just robust from a technical standpoint but are also deeply human-centric.

The power of artificial intelligence (AI) and machine learning (ML) is a double-edged sword — empowering cybercriminals and cybersecurity professionals alike. AI, particularly generative AI’s ability to automate tasks, extract information from vast amounts of data, and generate communications and media indistinguishable from the real thing, can all be used to enhance cyberattacks and campaigns.

Welcome to the 17th edition of Cloudflare’s DDoS threat report. This edition covers the DDoS threat landscape along with key findings as observed from the Cloudflare network during the first quarter of 2024.

In late February 2024, Mandiant identified APT29, a Russian state-sponsored threat group, deploying a new backdoor called WINELOADER to target German political parties. This campaign marks a significant shift in APT29's targeting, as they have traditionally focused on government and diplomatic entities. The expansion to political parties suggests an evolution in the group's intelligence gathering priorities, likely influenced by the current geopolitical climate.