Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

You’ve probably heard of a few password management options, like 1Password (👋), Dashlane, and LastPass – but what do they all do?

The biggest problem with granting too many permissions is that you may be delegating the right to grant permissions. In the realm of cybersecurity, few areas are as critical as managing privileged access. Privileged accounts, often referred to as the "keys to the kingdom," have the power to unlock and control vast portions of an organization's IT infrastructure.

Cyber resilience goes beyond mere security tools or yearly employee training. While both are crucial, a multi-layered cybersecurity approach is essential for the most robust protection. You might be asking “Where is the best place to start?” Or “Is what I am doing enough?” I think we all recognize that cybercrime is on the rise. Recent research indicates that cybercrime is indeed up 300% since 2020.

As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks. Every quarter, I’ve been covering the Quarterly Ransomware Reports from ransomware response company Coveware. In their latest report covering Q3 of this year, we get a greater sense of what trends their security researchers are seeing from the data: This last one is interesting.

Cloud-native and analytic solutions provider Sumo Logic has announced a cybersecurity incident stemming from a compromised AWS account. Sumo’s clients come from various industries, including airlines and video game franchises. On November 7th, they posted a breach notice to their website; they stopped the attack before the data could be unencrypted.

SysAid on-premises software faces a zero-day vulnerability tracked as CVE-2023-47246. SysAid recommends that all customers immediately upgrade to version 23.3.36, which has a security patch for the path traversal vulnerability.

With the majority of data breaches now caused by compromised third-party vendors, cybersecurity programs are quickly evolving towards a greater emphasis on Vendor Risk Management. For advice on choosing the best VRM solution for your specific data breach mitigation requirements, read on.

Traditionally Hacktivists were thought of as ideologically motivated threat actors, unaffiliated with nation-states. However recently according the Cyberint research, the lines have blurred. There are now several Hacktivist groups who align with specific nation-states. One example is the KillNet Hacktivist Group. KillNet is a hacktivist group aligned with Russia, who gained significant attention at the onset of the Russia-Ukraine conflict.

Organizations use more and more cloud services these days to improve business efficiency and achieve working flexibility for remote employees. However, keeping up with reliable cybersecurity measures in such a cloud-dependent world becomes challenging. And one of the reasons for that is the increase in insider risk. In this article, we explore the major insider risks in cloud infrastructure and discuss the importance of IRM program for cloud security.