Gartner’s 2024 Hype Cycle for Application Security is making the rounds, and Application Security Posture Management (ASPM) continues to climb up and around the famous curve, from the Peak of Inflated Expectations in 2023 to this year’s slide towards the Trough of Disillusionment. That’s pretty fast movement for a technology that we haven’t yet succeeded in clearly defining!

In a troubling development for cybersecurity, the BlackByte ransomware group has shifted tactics by exploiting a newly discovered authentication bypass vulnerability in VMware ESXi, tracked as CVE-2024-37085. This vulnerability has allowed attackers to compromise critical infrastructure within enterprise networks, highlighting a significant shift in the threat landscape.

The Meduza Stealer, a malware designed for comprehensive data theft, first appeared on dark web forums on June 12, 2023. It was introduced by a mysterious actor known only as 'Meduza,' with prices ranging from $199 to $1199. Since its emergence, it has gained attention across cybercriminal communities for its potent capabilities.

Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization while leveraging AI.

California’s data protection law applies not just to consumers, but to employees. And it’s finally taking effect.

For companies looking to get their data practices in order, the ISO 2700 standards provide a valuable starting point to use when crafting policy.

By James Rees, MD, Razorthorn Security Times must change (and always will) and nowhere is this more true than in the realm of technological advancement. Thirty years ago, the technological landscape was vastly different from what we have today and technological change has outpaced Moore’s Law for some time now. Information security must keep pace with these advancements. This has become especially true with the advent of AI.

Cybersecurity is a critical and complex challenge for every business in today’s digital world. However, not every business has the resources, expertise, or time to manage its security effectively and efficiently. That’s where CISO as a Service comes in. CISO as a Service is a flexible and scalable solution that provides you with access to a dedicated and experienced Chief Information Security Officer (CISO) and their team of security professionals.

On August 29, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) issued an urgent advisory warning security teams about known RansomHub ransomware IOCs and TTPs identified through FBI threat response activities and third-party reporting as recently as August 2024. Detailed information about this threat and the associated IOCs and TTPs can be seen in the advisory #StopRansomware: RansomHub Ransomware.

Curious about how IoT automation can revolutionize your industry? This article dives into practical applications like smart manufacturing, predictive maintenance, and remote monitoring. We’ll explore the key benefits, including increased productivity, cost cuts, and improved safety, including real-world examples and insights on how IoT is driving efficiency and innovation in industrial automation.