Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API Management: Using Runtime API Security to Enhance API Lifecycle Processes

As I look at the range of API Management approaches that are recommended by various analysts, pundits, and vendors, I find it interesting that most don’t really know how to address “security” in the context of API management. In high-level API lifecycle management diagrams, securing APIs is rarely called out visually, although it may be addressed briefly in an accompanying paragraph.

Understanding the 4 Types of Network Monitoring Tools and Comparing Available Solutions

Today, IT networks are the backbone of nearly every business. Simply put, if your network isn’t performing at its best, the flow of data and services will be impeded, and your business operations will suffer. This modern reality makes effective server and network monitoring software not just a technical necessity but a business imperative.

EP 42 - Year in Review 2023: Unleashing AI, Securing Identities

In this year-end Trust Issues podcast episode, host David Puner takes listeners on a retrospective jaunt through some of the show’s 2023 highlights. The episode features insightful snippets from various cybersecurity experts and thought leaders, each discussing crucial aspects of the ever-evolving cyber landscape.

Cloud Risk Management: The DevOps Guide

For DevOps software developers, navigating the cloud landscape without a clear understanding of risks is equivalent to walking into a minefield blindfolded. Cloud risk management, therefore, becomes an indispensable tool for DevOps, giving teams the ability to identify, assess, and mitigate potential threats that could jeopardize their applications, their data, and their organization’s reputation.

SSP and CMMC: Why You Need a SSP for Compliance

Compliance with federal cybersecurity guidelines is three things: It’s also a very complex set of rules, guidelines, and standards that address everything from the physical security of your servers and network access to the training your employees receive. On top of that, it’s packed full of acronyms and definitions, all of which have specific meaning. SSP is one of them; it’s a critical document you need to win contracts with the government and is part of the CMMC.

2023 Business Impact Report: Small Businesses and Cyberattacks

We live in a highly digitized world, and small businesses and solopreneurs have become prime targets for cybercriminals. The 2023 Business Impact Report, conducted by the Identity Theft Resource Center (ITRC), sheds light on a concerning trend: a sharp rise in cyberattacks on these smaller entities. This annual report reveals that 73% of small business owners and leaders experienced data breaches or cyberattacks in the past year, a significant increase.

How to prevent open redirect vulnerabilities in Laravel

An open redirect vulnerability occurs when a website allows user-supplied input to influence the destination of a redirect without implementing proper validation or sanitization measures. To exploit this vulnerability, an attacker may send users a seemingly trustworthy link, which, when clicked, redirects them to a harmful website, potentially leading to phishing attacks or other malicious activities.

CISO: Top 10 Trends for 2024

I recently hosted and moderated a distinguished panel of Chief Information Security Officers (CISOs): Nitin Raina, CISO at ThoughtWorks; Mike Wilkes, former CISO at Marvel; and Yogesh Badwe, CSO at Druva. We discussed major trends for 2024 across an array of topics including the evolving threat landscape, recent regulations, data privacy considerations, securing product and critical infrastructure.

Cyber Scammers Beef Up the Number of Fake Delivery Websites Just in Time for Christmas

Cybersecurity researchers at Group-IB have identified a single scam campaign leveraging over 1500 websites impersonating postal carriers and shippers leading up to Christmas this year. Scammers are always taking advantage of those current trends that involve the potential for heightened emotions. During tax season it’s tax returns. During the NBA’s Final Four, it’s about sports betting or tickets to the game.

Ransomware Attacks Rise 85% Compared to the Previous Year

With November demonstrating multiple increases when compared to various previous time periods, new data signals that we may be in for a bumpy ride in 2024. It’s nice when we get to see reports that are published relatively quickly to let us get a sense of where cyberattacks are today versus, say, a quarter or two ago (or even last year!). The NCC Group’s Cyber Threat Intelligence Report was just published and covers ransomware attacks through November of this year.