Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Why Risk-Based Vulnerability Management (RBVM) Increases Your Security Debt, and How You Can Fix It

In this Nucleus webinar, we take a deep dive into the practical challenges and strategies for managing security debt in the context of Risk-Based Vulnerability Management (RBVM). Scott Kuffer, co-founder of Nucleus Security and veteran in vulnerability management, explains how RBVM has shifted from a holistic risk reduction approach to a prioritization-heavy process that often falls short. He discusses why traditional methods lead to excessive security debt and demonstrates how aligning VM processes with product management principles can create more efficient, business-centric remediation.

QR Code Phishing is Growing More Sophisticated

Sophos describes a QR code phishing (quishing) campaign that targeted its employees in an attempt to steal information. The attackers sent phishing emails that appeared to be related to employee benefits and retirement plans. The emails contained PDF attachments which, when opened, displayed a QR code. If an employee scanned the code, they would be taken to a phishing page that spoofed a Microsoft 365 login form. The page was designed to steal login credentials and multi-factor authentication codes.

Insider Threats & Third Party Risk: How to Manage Security Threats | Razorthorn Security

Every vendor you trust and every employee you hire could be your next security crisis—explore the realities of third party risk and insider threats on this episode of Razorwire! Join us for a discussion on the multifaceted challenges of third party risk and how they can destabilise your organisation. From the growing complexities of cloud providers like AWS and Azure to detecting and dealing with insider threats, our conversation covers it all.

Beyond UEBA: Elevating Insider Risk Management with Behavioral Intelligence

Insider risk management is more critical than ever as human error and insider threats drive escalating security breaches. While many organizations have adopted User and Entity Behavior Analytics (UEBA) to monitor potential risks, relying solely on UEBA may fall short of the depth needed to stay ahead of these increasingly complex threats.

CrowdStrike Falcon Platform Supports Google Cloud's ARM-Based Axion CPUs

CrowdStrike is proud to announce cloud security support for Google Cloud’s first custom ARM-based processor, Axion, delivered by the unified, cloud-native CrowdStrike Falcon platform. This extends industry-leading protection to our customers with extensive coverage for Google Cloud environments. We are excited to collaborate with Google Cloud, which today unveils its new C4A Virtual Machines.

What's New With Keeper | October 2024

Passphrases are quickly emerging as a user-friendly alternative to traditional passwords. Earlier this year, Keeper integrated a passphrase generator into our web vault. Now, our users can take advantage of this ultra-secure, convenient functionality on our Android mobile app and KeeperFill Browser Extension, with iOS coming soon. Like Keeper’s password generator, you can generate a passphrase within your vault or record screen with a simple click of the dice.

How Keeper Helps Businesses Comply With the New CMMC Ruling

With the Cybersecurity Maturity Model Certification (CMMC) 2.0 now finalized by the U.S. Department of Defense (DoD), contractors and suppliers across the Defense Industrial Base (DIB) must ensure they meet stricter cybersecurity standards to maintain eligibility for DoD contracts. Achieving and maintaining CMMC compliance is no small task — it requires robust security protocols, continuous monitoring and strict control over access to sensitive information.

Can 2FA Stop Hackers?

Yes, Two-Factor Authentication (2FA) can stop hackers from accessing your accounts, but it’s not entirely foolproof and some forms of 2FA are stronger than others. 2FA is a type of Multi-Factor Authentication (MFA) that requires two authentication factors. With 2FA, you will need your username, password and another authentication method before you can access an online account.