Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

An effective third-party risk management (TRPM) program allows organizations to assess potential vulnerabilities and mitigate security risks across their entire ecosystem of vendors and suppliers. If your organization is expanding its third-party ecosystem by relying on partnerships to execute core operations, creating an effective TPRM plan is critical to regulating data risks across your growing attack surface.

The Virginia Consumer Data Protection Act (VCDPA) was the second comprehensive consumer privacy law passed in the United States. The act followed the California Consumer Privacy Act (CCPA) and took effect on January 1, 2023. Commercial organizations that conduct business in Virginia and process consumer data will be the most affected by the VCDPA. Learn how UpGuard’s comprehensive cybersecurity solution can help your business remain compliant>

Scareware is a type of social engineering cyberattack that uses psychological manipulation to trick victims into downloading malware disguised as antivirus software. Cybercriminals trick users with frightening, urgent messages in pop-ups or emails which claim their computer is infected. Continue reading to learn how scareware attacks work, how to avoid falling victim to them and how to remove scareware from your devices.

The new advanced detection analytics package to detect lateral movement Lateral movement is a dangerous threat in the landscape of highly integrated technologies. If attackers gain access to an endpoint, it’s critical for security teams to identify any and all movements they make. To combat this threat, Elastic Security is excited to announce a new lateral movement detection package that makes use of advanced analytics.

The most significant change in the lifespan of identity security thus far is zero standing privileges (ZSP). Considered to be the next evolution of just-in-time (JIT) access, although it may seem needlessly complex at first, once you wrap your head around the concept, it feels as natural as turning off lights when you leave a room. But first, a bit about me and the journey to ZSP.

More mobile devices, more problems. The business landscape has shifted dramatically, as more endpoints connect to corporate networks from a wider variety of locations and are transmitting massive amounts of data. Economic forces and a lengthy pandemic have caused a decentralization of the workforce and increased adoption of a hybrid workplace model. Today, employees are more mobile than ever.

Texas State agencies, educational organizations and municipalities face relentless cyberthreats from malicious actors. These attacks jeopardize sensitive information and disrupt essential services. TX-RAMP serves as a program that aids agencies in enhancing their overall cybersecurity posture. Selecting a TX-RAMP Certified solution for password and privileged access management will help organizations of all sizes defend against cyberthreats.

Supply chain security issues are not exactly new. High-profile attacks, like SolarWinds in 2020, were a big wake-up call for many people because they brought home just how far-reaching and destructive these attacks could be. The threat from supply chain partners remains one of the most significant risks to security beaches. The SANS 2023 Attack and Threat Report found that 40% of breaches in 2022 occurred through supply chain partners.

1st Source Bank is a major financial institution located in Indiana and Michigan. The bank is headquartered in South Bend, Indiana, but there are 81 branches in the two states. Between these branches, there is a large number of employees and hundreds of thousands of customers. Many of those customers lost their personal data thanks to a recent breach.

Near the end of July, the MOVEit data breaches that occurred back in May are still doing serious damage and hurting major companies. Three of the five breaches reported this week were due to MOVEit-related attacks, including Milliman Solutions, the National Student Clearinghouse, and 1st Source Bank. The other two companies that suffered from major data breaches this week are Microsoft and the Tramp General Hospital.