Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In an era of rapid technological advancements, healthcare organizations are always looking for ways to become more productive and more efficient. In this quest, they are increasingly turning to citizen development and Generative AI tools to streamline processes and drive innovation. Citizen development empowers non-technical employees to create their own applications and automations, thereby enhancing operational efficiency.

CrowdStrike Counter Adversary Operations has been investigating a series of cyberattacks and strategic web compromise (SWC) operations targeting organizations in the transportation, logistics and technology sectors that occurred in October 2023. Based on a detailed examination of the malicious tooling used in these attacks, along with additional reporting and industry reports, CrowdStrike Intelligence attributes this activity to the IMPERIAL KITTEN adversary.

KnowBe4 is proud to be recognized by TrustRadius for our Security Awareness Training and PhishER platforms in three categories for Best Value for Price, Best Relationship and Best Feature Set. The Best of Awards highlight products providing customers with outstanding ROI, customer satisfaction, performance, reviews, and more. To win a Best of Award, each organization had to receive 10 TrustRadius reviews between January 1 and September 30, 2023.

You’ve probably heard of a few password management options, like 1Password (👋), Dashlane, and LastPass – but what do they all do?

The biggest problem with granting too many permissions is that you may be delegating the right to grant permissions. In the realm of cybersecurity, few areas are as critical as managing privileged access. Privileged accounts, often referred to as the "keys to the kingdom," have the power to unlock and control vast portions of an organization's IT infrastructure.

Cyber resilience goes beyond mere security tools or yearly employee training. While both are crucial, a multi-layered cybersecurity approach is essential for the most robust protection. You might be asking “Where is the best place to start?” Or “Is what I am doing enough?” I think we all recognize that cybercrime is on the rise. Recent research indicates that cybercrime is indeed up 300% since 2020.

As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks. Every quarter, I’ve been covering the Quarterly Ransomware Reports from ransomware response company Coveware. In their latest report covering Q3 of this year, we get a greater sense of what trends their security researchers are seeing from the data: This last one is interesting.

Cloud-native and analytic solutions provider Sumo Logic has announced a cybersecurity incident stemming from a compromised AWS account. Sumo’s clients come from various industries, including airlines and video game franchises. On November 7th, they posted a breach notice to their website; they stopped the attack before the data could be unencrypted.

SysAid on-premises software faces a zero-day vulnerability tracked as CVE-2023-47246. SysAid recommends that all customers immediately upgrade to version 23.3.36, which has a security patch for the path traversal vulnerability.

With the majority of data breaches now caused by compromised third-party vendors, cybersecurity programs are quickly evolving towards a greater emphasis on Vendor Risk Management. For advice on choosing the best VRM solution for your specific data breach mitigation requirements, read on.