In their capacity as a regulator, the Portuguese National Cybersecurity Centre (CNCS) is at the forefront of adapting to NIS2 requirements and ensuring that entities under their purview are compliant. They provide strategic oversight and support for organisations navigating the complexities of the new directive, which introduces stricter standards for risk management, incident response, and supply chain security.

As cyber threats continue to be more sophisticated, the need for active directory security becomes paramount. Most Windows-based environments are heavily reliant on the AD configuration hence it’s a common target for intruders. This article outlines essential practices for AD hardening to protect your organization’s assets.

Thousands of our customers are leveraging Snyk to implement their DevSecOps and shift-left strategies. However, with the increasing speed and complexity of applications, we also know it’s harder to stay in sync with development. It is increasingly difficult to maintain a clear view of all the software assets being developed, identify ownership and their importance to the business, and, most importantly, ensure that these assets are properly secured by Snyk.

We are thrilled to announce that Rubrik has been ranked highest for the ransomware protection, detection, and recovery use case in the 2024 Gartner Critical Capabilities for Enterprise Backup and Recovery Software Solutions1. This recognition underscores our unwavering commitment to innovation that empowers customers with robust cyber resilience solutions in an increasingly complex digital landscape.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! I really don’t envy the support team on this one!

Like the speed of light, phishing remains a reliable constant in the cybercrime universe, never going out of fashion with fraudsters, always reinventing itself to stay relevant. As part of that reinvention, phishing-related scams increasingly use search engine optimization (SEO) to drive malicious websites higher in search results, outranking legitimate sites whose brands they often impersonate.

The modern age of renewable energy has seen a surge in solar panels and wind turbines. While these systems enhance sustainability, their digital technologies carry risks. Cybersecurity professionals must know the relevant nuances when integrating renewable systems.

Until recent decades, operational technology (OT) – a principal element in manufacturing – remained segmented from information technology (IT). OT systems, responsible for monitoring and controlling physical machinery and equipment, were manually managed by skilled workers, operated in isolation, and secure in their simplicity.

Analyst reports aim to provide market insights. But when it comes to Human Risk Management (HRM), we’ve noticed that they often fall short of capturing the full picture. You already know that we are the undisputed leader in the essential areas that have been standard features in the security awareness market for years. Those capabilities are why we’ve become the largest vendor in the space. But for years now we have exceeded just those standard features.

Government entities were in the top five industries targeted by both ransomware and business email compromise (BEC) attacks in 2023, according to Arctic Wolf. Additionally, the FBI reported that government entities were the third most-targeted sector by ransomware in 2023, and Arctic Wolf’s own research saw the average ransom for government organizations top $1 million USD that same year. It’s clear that cyber threats are plentiful for these entities.