Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Here at Rubrik, few things excite us more than knowing that the work we do enables a smoother functioning of our governments. Government organizations have an important duty to defend our nation’s critical institutions and essential infrastructure against threat actors—while operating with limited budgets and limited resources. Rubrik has a long history of securing public sector institutions. We have relentlessly focused on developing products that ensure rapid and confident cyber recovery.

With the cybersecurity landscape constantly evolving, discussing cybersecurity trends for 2024 can feel like trying to predict the unpredictable. But amid all the uncertainty, trading ideas about the future of security can help us better understand how to prepare for the months ahead. Here, our co-founders Thomas Kinsella and Eoin Hinchy share five cybersecurity predictions for 2024, including insights on AI's role in security, the ever-changing role of the CISO, and more.

2023 was a tumultuous year that drove technology transformations at a pace unknown. The industry saw an accelerated and unrivaled pace of technology adoption, persistent yet evolving challenges and unparalleled market dynamics around the world. The following are the top three trends from last year that influenced my thinking as a CIO at the top of 2024.

XML-RPC is a powerful and versatile protocol in the ever-evolving web development and data communication landscape. XML-RPC, which stands for Extensible Markup Language – Remote Procedure Call, provides a standardized way for software applications to communicate over the Internet. XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the webserver context.

The core tenets of information security is to protect assets from unauthorized disclosure, prevent unauthorized changes, and to make them available as needed. These align with the CIA security triad of Confidentiality, Integrity, and Availability.

Wherever you are in your SASE or SSE journey, it can be helpful knowing what other CISOs are doing once they’ve implemented these platforms. Getting started with enhanced security is a lot easier than you might think. With Cato’s security services being delivered from a scalable cloud-native architecture at multiple global points of presence, the value is immediate. In this blog post, we bring the top three things you, as a CISO, can do with Cato.

AutoIt is a scripting language designed for automating the Windows GUI and general scripting. Over the years, it has been utilized for malicious purposes, including AutoIt-compiled malware, which dates back to as early as 2008. Malware creators have exploited the versatility of AutoIT in a variety of ways, such as using obfuscated scripts for payload decryption, utilizing legitimate tools like BaSupportVNC, and even creating worms capable of spreading through removable media and Windows shares.

The security posture of any organization is the result of comprehensive security strategies, processes and practices, which enable organizations to be resilient against evolving security threats. This article describes what we mean by “security posture”, including why it matters, and what comprises it. Importantly, we’ll also understand how to assess and improve the security posture.

GitLab has addressed two critical vulnerabilities in the GitLab Community Edition and Enterprise Edition that require immediate attention.

Spotting insider threats isn’t easy. There are a number of behavioral indicators that can help you see where a potential threat is coming from, but this is only half the battle. Efficient insider threat detection also requires comprehensive tools that allow you to monitor suspicious users’ sessions and track their activities. In this article, we describe what insider threat indicators are to help you spot potential malicious actors.