Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On June 27th 2023, Arcserve published an advisory for a critical unauthenticated remote code execution (RCE) vulnerability affecting Arcserve Unified Data Protection (UDP) for Windows. Arcserve UDP is a centralized backup and disaster recovery solution. By exploiting this RCE vulnerability, threat actors may be able to gain unauthorized access to sensitive data, install malware, or launch other types of attacks from infected devices.

Discover how to enhance the security of your container registries using honeytokens. Learn the steps to secure Docker Registry, GitHub Container Registry, and GitLab Container Registry with honeytokens. Strengthen your DevOps pipeline and protect your valuable assets.

The Cyber Intelligence Sharing and Protection Act (CISPA) was first introduced in 2011 by Representative Mike Rogers, the chairman of the House Select Committee on Intelligence Committee), and 111 co-sponsors. Although the House of Representatives originally passed the bill on April 25, 2012, it was later rejected by the US Senate. Since then, it has been reintroduced several times, but Congress has not passed the bill despite amendments made in good faith following criticism of some propositions.

Businesses that work with the US Department of Defense (DoD) and collect, process, transmit, or store controlled unclassified information (CUI) must comply with Defense Federal Acquisition Regulation Supplement (DFARS) standards. The DoD has responded to the growing threat of cyber incidents, including cyberattacks from cybercriminals and nation-states, by prioritizing cybersecurity best practices and insisting they are implemented throughout the DoD supply chain.

So many things seem like a good idea at the time. The Red Sox selling Babe Ruth to the Yankees. Decca Records rejecting The Beatles. “New” Coca-Cola. Blockbuster passing on buying Netflix. The formation of Nickelback. Just popping into Ikea for a “quick” look around. Of course, we know differently. And the same can be said about copying and pasting code.

Are you looking for ways to transform your organization’s network security for the modern era? Zero. Zero. Trust security offers a cutting-edge approach that eliminates implicit trust and requires continuous verification of users and devices. Dive into this comprehensive guide and discover how Zero Trust can revolutionize your security posture and protect your valuable resources.

They say the best way to stay healthy and maintain fitness as we age is through strength, conditioning, nutrition, and exercise. In the same way, as organizational cybersecurity efforts weaken with age they need to be analyzed and strengthened. Is it time to regain your organization’s cyber security in the weight room? Is it time for a cybersecurity personal trainer of sorts?

Picture a quaint, small town enveloped in the tranquility of a peaceful night. The only signs of life are flickering street lamps and the glow from the neighborhood automated teller machine (ATM). You spot someone approach the ATM, withdraw cash and walk away. It all looks so normal. What you don’t realize is that you have just witnessed a fraud attack, specifically, transaction reversal fraud (TRF).

Every company has workers that have been there from the beginning and worked in every department. Knowledge of the company’s processes makes them valuable employees, but they can also access and put at risk lots of sensitive data. Regular user access reviews can help you mitigate this risk and safeguard your critical assets. Regularly reviewing user access is an essential part of access management.

The InfoStealer and remote-access-tools (RATs) markets constantly provide us with new products. The Cyberint Research Team discovered a new RAT that is claiming to be the next popular threat against organizations and individuals worldwide. With fairly interesting PR and marketing methods, RevolutionRAT seems to be gaining attention with a growing Telegram community after only a few days of operation.