A selection of this week’s more interesting vulnerability disclosures and cyber security news. It could be said raising awareness is good as it motives complacent teams. That said, revelations that it was exaggerated might make teams more complacent in the future to react…

Read also: the US disrupts ALPHV/BlackCat operations, a NY engineer admits the hacks of two crypto exchanges, and more.

These statistics show that organizations struggled to maintain basic cybersecurity practices in 2023. But what can organizations do to improve their networks and help prevent attacks in 2024?

Cybersecurity is an essential consideration for any organization that deals in the digital sphere on any level, and the education sector is no exception. In recent years, the global pandemic and technological advances have led to a massive shift toward online learning, which has posed a number of challenges to educators and administrators. Facilitating digital education presents a logistical maelstrom that many educational institutions are not prepared to handle.

On December 7th, 2023, the Apache Struts project disclosed a significant vulnerability, CVE-2023-50164, in its Struts 2 open-source web framework. Rated at a critical CVSS score of 9.8, this flaw resides within the framework’s file upload logic. Exploiting this vulnerability empowers attackers to manipulate upload parameters, potentially leading to arbitrary file upload and, under specific conditions, code execution.

As 2023 comes to a close, we aim to inspire excellence by highlighting our customers’ dedication to a more secure world. Thanks to you, we are honored to be (for the fourth consecutive year) recognized as a 2023 Gartner® Peer Insights™ Customers’ Choice. Let’s explore some of the stories that make this recognition possible.

This is part two in our series on building honeypots with Falco, vcluster, and other assorted open source tools. For the previous installment, see Building honeypots with vcluster and Falco: Episode I.

Learn how GitGuardian helps teams effectively prioritize and coordinate remediation by gathering the right data and making progress tracking and communication easy.

Life is full of problems. A product manager's life is that, and more! But it’s also the very reason we have been able to contribute to many, many awesome products. Since becoming a product manager, I’ve learned that the problems worth solving aren't always easy to spot and you have to do some sifting, rejecting and re-framing to get to the good stuff.

Following the release of the Phishing Threat Trends Report, we recently hosted the Human Risk Summit, a virtual gathering of top industry leaders to discuss human risk in cybersecurity.