As the threat landscape of cybersecurity continues to evolve, enterprises now find themselves spending countless hours on identifying and mitigating potential threats while managing overwhelming amounts of data. But one persistent problem for security teams is the flood of false positives alerts that indicate possible threats but turn out to be benign. Not only do these waste valuable time and resources, but they also contribute to alert fatigue, reducing the overall threat detection ability of teams.

CMMC assessments began on 16 December. If you handle CUI, here’s 3 things you need to know for CMMC The CMMC final rule change is now live. On 16 December, certified third-party assessment organizations (C3PAOs) officially began assessing DoD contractors. Given the wide disparity between the number of assessment teams (~100) and members of the Defense Industrial Base looking for certification (~100,000), DoD contractors need to ensure they are assessment-ready asap.

OAuth is an authorization protocol that grants third-party websites or applications limited access to a user’s information (like their email or photos) — without sharing their logon credentials. For example, suppose you want to sign up for an app to help you track your fitness goals. Through the power of OAuth, you may have the option to log in using your Google account rather than create a new account specific to the fitness application.

Managing change for in-house applications and platforms is crucial for maintaining stability, security, and accountability. Unlike managing changes at the device level, working with applications requires a more comprehensive strategy. Let’s break it down.

Cyber attacks are deliberate attempts to steal, alter, or destroy data or to disrupt operations and to damage the digital parts of a critical infrastructure. This blog post explores the most destructive major cyber attacks in history, detailing the underlying motives and impact, and then offers prevention and detection best practices.

Secrets with excessive permissions are a goldmine for attackers. GitGuardian Secrets Analyzer helps security teams identify overprivileged secrets, analyze permissions, and shrink the attack surface.

On December 16, 2024, BeyondTrust published a security advisory outlining a vulnerability impacting their Remote Support (RS) and Privileged Remote Access (PRA) software. The flaw, CVE-2024-12356, is a critical severity command injection vulnerability. If successfully exploited it can allow an unauthenticated remote threat actor to execute underlying operating system commands within the context of the site user.

Since early December 2024, Arctic Wolf has been monitoring threat activity involving the malicious use of management interfaces on FortiGate firewall devices on the public internet. While our investigation into this activity is ongoing and the scope is yet to be fully determined, organizations running these products should ensure that they are adhering to security best practices for management access of firewall devices.

EDR protects organizations' endpoints and surpasses the capabilities of traditional antivirus solutions focused solely on preventing known attacks. Its main strength is detecting and responding to advanced threats that have evaded previous security controls.

Collaboratively authored by Anthony Cammarano, Mario Vargas, Muneeb Hasan, Alexandre Charlet, Andre Castro, Vic Levy, Ken Darker and Iwona Rajca Generative AI (GenAI) applications are revolutionizing how businesses interact with data, primarily through Retrieval-Augmented Generation (RAG) pipelines, combining language models with vast enterprise knowledge bases. These pipelines allow organizations to query extensive internal datasets in real time.