Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Don't be fooled: data security requires global data lineage, not "local lineage"

Securing data today requires the context provided by data lineage: where data came from, who interacted with it over time, which systems have used it, and more. But buyer beware: many vendors now claim to offer “data lineage” that only provides a tiny fraction of the context of true, global data lineage.

Simplify and streamline identity security and management to protect your business using AWS Managed Microsoft Active Directory and One Identity Active Roles

Active Directory (AD) is the most prolific identity platform in the world. Like many companies already using AD on-premises, you may now be considering extending your identity environment to the cloud to create a hybrid landscape. There are many reasons behind this: resource constraints, strategy evolution, merger, acquisition or otherwise.

GigaOm Declares Torq the Autonomous SOC Leader, Dramatically Outpacing Legacy Vendors

GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. GigaOm applies proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation, empowering enterprises to successfully compete in a changing business atmosphere. GigaOm recognizes Torq as the only Hyperautomation vendor capable of delivering true autonomy to the SOC without vendor lock-in.

Cybersecurity Expert Gaurav Sood Addresses Digital Arrest Scams on CNBC Awaaz | miniOrange

@NarendraModi Calls for Vigilance and Warns of “Digital Arrest” Scams in Digital arrest' frauds have reached alarming levels in India, with losses exceeding ₹120 crore to scammers posing as law enforcement. These fraudsters prey on victims by threatening arrest and demanding large sums as bail or clearance fees. Recent cases reveal that 46% of these attackers operate from Southeast Asia, deceiving individuals with claims of illegal goods or fake documents in their names.

Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Defining the Cyber Assault on the Retail Sector

The holiday shopping season is almost here, and according to the 2024 Trustwave Risk Radar Report: Retail Sector, threat actors have honed their skills and are prepared to use ransomware and phishing attacks that leverage well-known online brands to conduct direct attacks and fraud operations against retailers and consumers. Skills they will then use to infiltrate retail organizations of all types throughout the rest of the year.

The Job Offer That Wasn't: How We Stopped an Espionage Plot

In cybersecurity, transparency matters—because none of us are immune. Increasingly, we’re seeing threat actors hone in on specific organizations. When we detected the recent “Contagious Interview” campaign targeting one of our own, our team acted fast to stop it in its tracks. We’re sharing this story so others can see how easily these attacks unfold—and how quickly they need to be stopped to protect the community.

Inside a North Korean Phishing Operation Targeting DevOps Employees

Sophisticated threat actors are increasingly targeting organizations with tailored phishing campaigns. Recently, SecurityScorecard detected a similar attempt against our team—and stopped it in its tracks. We’re sharing our findings to support the InfoSec community and strengthen collective defenses against continually evolving threats.

Understanding CVE-2024-47176: Mitigating CUPS Vulnerabilities

The Common UNIX Printing System (CUPS) is a widely used printing system on Unix-like operating systems, but recent vulnerabilities have exposed significant risks. The most critical is CVE-2024-47176, which affects the cups-browsed service by binding to the IP address INADDR_ANY:631. This configuration flaw causes it to trust all incoming packets, leading to potential remote code execution when interacting with malicious printers. This vulnerability is part of a chain of exploits, including.