Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

JumpCloud Announces Its First Free Virtual Conference for IT Professionals

JumpCloud Inc. has opened registration for JumpCloudLand, its first-ever user conference taking place on 28th January 2025. JumpCloudLand is a free virtual event for IT professionals. It offers everything IT teams need to build skills, stay ahead of industry trends, and unlock opportunities for professional and organisational growth. Attendees will have the chance to meet industry leaders, exchange ideas with peers, and discover innovative ways to drive success for their teams and businesses.
Featured Post

Building a Modern Identity Capability to Tackle DORA

Hackers are quickly taking advantage of every vulnerability in an organisation's armoury, particularly exploiting poorly managed identities. An organisation might have the strongest firewalls, encryption, anti-malware, vulnerability scanners, and risk management tools in the world, but if identities are not managed securely, this still leaves one critical gap in its cybersecurity arsenal.

Pegasystems Consolidates Endpoint, Identity and Cloud Security with CrowdStrike

Pegasystems, a global leader in AI-powered decisioning and workflow automation, is a strategic partner for many of the world’s leading brands. The company’s role as an enterprise software provider means it often operates under the radar of the general public — but that doesn’t shield it from cyberattacks. Upon joining Pegasystems (Pega) in 2019, Director of Corporate Security Operations Steve Tieland quickly realized the company's legacy antivirus solution was missing the mark.

CVE-2024-8068 and CVE-2024-8069: Citrix Session Recording Vulnerability

Two Citrix vulnerabilities (CVE-2024-8068 and CVE-2024-8069) can potentially lead to unauthenticated remote code execution. Note: according to the vendor, privilege escalation to NetworkService Account access in Citrix Session Recording and limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording is possible when an attacker is an authenticated user in the same intranet.

Evasive malware has grown by 168% causing direct impact on cybersecurity

With a 168% rise in evasive malware, cyber threats have reached a new level of sophistication. This type of malware employs advanced techniques to evade detection by traditional solutions, which often rely on pre-defined signatures to identify threats. These malicious programs pose a major challenge in cybersecurity by camouflaging themselves within legitimate processes and acting stealthily.

Boosting Mobile Defense: A Comprehensive Guide to Mobile Security

Your organization’s mobile security strategy is a vital part of your overall cybersecurity posture. Not only do mobile devices contain valuable personal data, but they also serve as a gateway to the information you store in the cloud. If you issue smartphones and tablets to your employees, a single high-profile vulnerability could compromise dozens of devices. If you embrace bring-your-own-device (BYOD) policies, you may not have any visibility into the applications your employees use.

Security Service Edge (SSE): The Ultimate Guide to Enhancing Data Protection

Mobile devices, remote access, cloud-based applications — the security perimeter as we once knew it has disappeared. The proliferation of cloud-native infrastructure has given organizations and their employees more immediate access to their work than ever before. But this convenience cannot come at the cost of security, as malicious actors look for new ways to exploit an ever-increasing number of access points.

Beyond Compliance: Building a Resilient Security Strategy with the ISM and Essential Eight

In today’s complex cybersecurity landscape, addressing the controls within the Australian Government’s Information Security Manual (ISM) and the Essential Eight (E8) is critical when seeking to build rapport and work with the Australian Government. Australian cybersecurity regulations like the ISM and E8 outline foundational steps, including cybersecurity best practices and controls for data protection strategies.

Top challenges for implementing multi-domain correlation in the cloud

Adversaries often use complex, multi-stage cloud attacks that evade traditional security measures, which struggle to fully visualize, prioritize, and respond to threats. Multi-domain correlation addresses this by analyzing data across diverse domains — including networks, applications, databases, and storage — to uncover potential weaknesses and attack paths across interconnected resources.