Customers of software vendors with multiple global data centers can more easily comply with regional data protection and privacy requirements by hosting their data in their preferred geographic region.

Firewalls have had a major influence on modern security techniques and have become the basis of corporate network security. This technology acts as the first line of defense and is a must for any company with a network infrastructure.

Last week, the godfather of AI, Geoffrey Hinton smashed the glass and activated the big red AI alarm button warning all of us about creating a world where we won’t “be able to know what is true anymore”. What’s happening now with everything AI makes all the other tech revolutions of the past 40 plus years seem almost trivial.

Healthcare cyberattacks are increasing in “frequency, severity and sophistication,” said Nitin Natarajan, U.S. Cybersecurity and Infrastructure Security Agency (CISA) deputy director, in his recent HIMSS23 Healthcare Cybersecurity Forum keynote. Attacks on hospitals have surged by 86% since 2021, with the average healthcare organization experiencing two or more ransomware attacks in the past year. “And this is going to continue to increase,” Natarajan warned.

AppSec teams often struggle to either validate or scale their security policies, like enforcing security headers or removing risky technologies. This job is easier said than done, and teams are feeling the pinch. To address these challenges, we launched Attack Surface Custom Policies – a powerful feature built directly into Surface Monitoring that makes it possible to set, enforce, and scale customizable security policies so you can focus on the issues that matter most.

The Federal Information Processing Standard (FIPS) 140-3, is a collection of standards released by the United States government to examine cryptography modules. It explains how to design, develop, and run a cryptography module. The National Institute of Standards and Technology (NIST) and Communications Security Establishment (CSE) created FIPS 140-3 to safeguard critical, unclassified information.

In a security advisory published on May 9th, Microsoft disclosed the existence of a Local Privilege Escalation vulnerability in Sysmon (CVE-2023-29343). The vulnerability was discovered by an independent security researcher and was responsibly disclosed to Microsoft. Microsoft has released Sysmon version 14.16 to address this vulnerability.

On Tuesday May 9th, 2023, CISA published a Joint Cybersecurity Advisory titled “Hunting Russian Intelligence ‘Snake’ Malware” which provided an in-depth analysis of the Russian Federal Security Services’ (FSB) Snake malware. Arctic Wolf Labs has analyzed the advisory and have summarized the content into key findings and takeaways for the security community.

Attack surfaces are a fundamental concept within information security. However, attack surfaces can be constituted of different things. For example, some formulations of an attack surface include not just software and hardware, but the people using them. In this post, we’re going to cover four common types of attack surface, discuss how you should think about the risks associated with each type, and best practices for addressing these risks.

Major companies have suffered serious data breaches this week, and even the city of Dallas, Texas, was hacked and damaged by data attacks that could expose a significant number of people, making it clear that everyone is at risk when it comes to identity theft and data attacks specifically. Huge mental health organizations like Brightline and Mcpherson Hospital exposed confidential patient data, and even the Metropolitan Opera House in New York City was the target of a breach attack this week.