Dissecting the cybersecurity landscape isn’t easy. Organizations are perennially under-prepared. Seemingly every person in the world has been affected by some company’s data breach. Then, we layer in the biggest tech news of 2023: the widespread experimentation and use of generative AI. Today, no one is immune from the threat of an attacker. Each organization must be ready. Organizations of all sizes must understand the evolving cybersecurity landscape in order to defend themselves.

Penetration testing has become a cornerstone of robust cybersecurity strategy. It’s a critical process where experts simulate cyber attacks on your systems, networks, or applications to identify vulnerabilities before real attackers can exploit them. This proactive approach fortifies your defences and ensures compliance with various industry standards.

Two vulnerabilities have been detected in in Citrix NetScaler ADC and NetScaler Gateway. These vulnerabilities are being tracked as CVE-2023-6549 and CVE-2023-6548 with CVSS scores of 8.2 and 5.5 respectively. They are under active exploitation, affecting the following product versions.

Ransomware-as-a-service (RaaS) may not be a brand-new tactic on the cyber battlefield, but it’s quickly gaining popularity among threat actors. For at least the past five years, cybercriminals have not only realized the monetary effectiveness of ransomware, but have understood that by banding together, and utilizing each other’s strengths, they could expand their ransomware attacks, split the profits, and utilize stolen data to launch future cyber attacks on larger organizations.

Imagine you’re on the tail end of installing a 100-line script. It’s five o’clock, and you’re ready to head out early for once. You run the startup script on a new server, and then – the fated error message. Something isn’t working, and only after painstakingly reviewing 67 lines of code do you realize you had the IP address wrong. This could have been prevented.

A new comic strip to better grasp the simple but effective way HasMySecretLeaked checks your secrets without asking you to reveal them!

Hypothesis-driven hunting is probably the most well-known type of threat hunting, and it’s one of the three types defined in the PEAK threat hunting framework. In this article, we’ll walk through a sample hypothesis-driven hunt, step-by-step. For our data, we’ll be using the Boss of the SOC Version 3 (BOTSv3) dataset, which you can use to recreate the hunt and work through it on your own. Below is a diagram of the Hypothesis-Driven hunting process.

Over the last couple of difficult years, businesses worldwide have been forced to accelerate their adoption of new technologies and IT security – and cybercriminals have been just as fast to catch up. Fresh from our latest report, here are some headline stats about phishing that you need to know for 2024.

Most customers come to Netwrix in anticipation of going public or in preparation for audit after an IPO. Recently, however, an increasing number of public companies are purchasing our products after failing an audit or receiving a warning of material deficiencies. The good news is that, in all cases, the main challenges are entirely avoidable without a great deal of work.

It shouldn’t be a shock to point out that data breaches carry a huge reputational risk — one that almost always impacts the bottom line. As we can see from any number of recent, highly publicized incidents, not taking data security seriously can result in serious consequences.