Clifford Stoll, astronomer, author, and teacher, often joked about computer passwords. He said, “Treat your passwords like a toothbrush. Don’t let anybody else use it, and get a new one every six months.”

In January 2023, the European Commission (EC) released an updated version of the European Union (EU) Network and Information Security Directive (NIS2) to strengthen cybersecurity risk management across Europe’s essential services. NIS2 updates the original NIS directive and focuses more on regulations for cloud infrastructure, internet exchanges, domain service providers, and digital service providers.

The Critical Entities Resilience (CER) Directive is a new initiative in the EU that aims to ensure that critical entities providing essential services are effectively managing their network and information security. The CER Directive is part of the EU’s latest effort to build stronger cyber resilience across Europe, alongside NIS2 and the EU Cyber Resilience Act.

On April 24, 2024, Cisco Talos and several government security agencies published details on a sophisticated threat campaign focused on espionage and gaining unauthorized access to sensitive information from targeted government entities and organizations in critical infrastructure. As part of that publication, Cisco disclosed CVE-2024-20353 and CVE-2024-20359, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) devices, which were actively exploited in the documented campaign.

Containers are integral to modern application development portability, resource efficiency, and ease of deployment. But there is a flip side to these benefits. Unlike traditional applications, containers bundle everything needed to run, making them a scattered setup for hidden security issues. 54% of container images in Docker Hub were found to contain sensitive information that could lead to unauthorized access, data breaches, or identity theft.

The Publishers Clearing House (PCH) appeared in 1967, promoting magazine subscriptions, merchandise, time-share vacations, and their famous cash prize sweepstakes. Since 67’ over 11 million people have won PCH sweepstakes, totaling over $593 million in cash winnings. More people than ever have entered the PCH sweepstakes, looking for their chance to win thousands - sometimes millions - of dollars overnight.

This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. In the movie The Matrix, The Key Maker controlled access to many locations and resources with the goal of preventing malicious code from destroying sensitive information. In a rare life-imitates-art situation, organizations today face the same challenge as they work to protect operational processes and corporate information.

The #1 global managed detection and response (MDR) provider and pioneer continues to dominate. Today, CrowdStrike was named a Leader in the 2024 IDC MarketScape: Worldwide Managed Detection and Response 2024 Vendor Assessment1 among the 19 vendors evaluated in the report. CrowdStrike was also recently named a Leader in Frost & Sullivan’s 2024 Frost Radar: Managed Detection and Response. The global demand for MDR continues to surge as businesses face a harsh reality.