Technology and cybersecurity changes so fast. But when businesses fail to put basic protections and processes in place, who’s to blame? Graham Cluley – writer, blogger, and host of the Smashing Security podcast – shares his 30-year perspective on this question, and what’s going on in cybersecurity today.

The COVID-19 pandemic has spurred a significant increase in the adoption of remote access, resulting in a substantial portion of the workforce transitioning to remote work. This requires employees to heavily rely on their employer’s virtual private network (VPN) to connect to their company's IT systems. This shift to working from home (WFH) is expected to continue well into the foreseeable future.

At CrowdStrike, we’re on a mission to stop breaches. As adversaries weaponize vulnerabilities with increasing speed, organizations must accelerate their ability to identify security gaps and proactively manage their risk exposure before an adversary breaks in.

What’s the best way to keep your possessions safe? It’s an age-old question. While the good old-fashioned lock and key system has been used for thousands of years, digital assets need digital solutions. This article looks at fingerprinting and its use as a biometric authentication method.

One of the most important factors in the technology and cybersecurity industries is the inevitable presence of constant change. Technology, business, and industry are always evolving, while cybercriminals are always searching for new and innovative ways to attack. While there is no surefire way to account for future developments, some professionals have dedicated time and expertise to predicting the ways in which the current threat landscape and state of technology may lead to issues down the line.

It doesn't matter if you have a smartphone, a tablet, a laptop, or a desktop computer. Whatever your computing device of choice, you don't want it impacted by malware. And although many of us are familiar with the concept of protecting our PCs and laptops with security software that aims to identify attacks in real-time, it's not a defence that is as widely adopted on mobile devices.

Now that the calendar has flipped to November, the end of the year is in sight. It’s a popular time for friends and family to gather for the holidays, yet unfortunately, it’s also a popular time for cyber attackers to ramp up their exploits. Our thoughts turned to the cyber professionals on the front lines. What compromises do they feel pressured to make in their work-life balance to keep their companies secure? How often does their work actually impinge on their personal time?

Overall Analysis of Vulnerability Identification – Default Credentials Leading to Remote Code Execution During internal network testing, a document was discovered titled the “XL Security Site Administrator Reference.pdf.” It appeared to be a guide for the specific configuration of the SQL service running on NeuroWorks Natus. Being that this was a guide, it was extensive and detailed the software in-depth.

On October 16, 2023, Kroll Cyber Threat Intelligence (CTI) analysts were made aware of an ongoing exploitation of a recently discovered vulnerability within the web user interface (UI) functionality of Cisco IOS XE (CVE-2023-20198). This security flaw is critical with a CVSS score of 10.

Ingesting data in the security world is only half of the battle. The second half is fought over insight generation. As security professionals, we understand that every second we spend creating dashboards, alerts, or parsing rules is a potential window of vulnerability, assuming this capability even exists within the organization.