Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

WASHINGTON – In a startling revelation, FBI Director Chris Wray disclosed at a recent conference that China's cyber espionage capabilities are so extensive, they bigger than the efforts of all other major nations combined. While the U.S. government has long been cautioning against the cyber threats emanating from China, Wray's statements took the conversation to a new level of urgency.

Non-compliance in cybersecurity marks a grave oversight. It involves neglecting established security protocols, leaving organizations vulnerable to malicious actors. Read on as we examine the potential risks of non-compliance, including heightened susceptibility to cyberattacks, the specter of data breaches, and the erosion of a company's hard-earned reputation.

Do you remember where you were on 25th May 2018? Perhaps you were enjoying a Friday night drink with friends. Perhaps you were with family, relaxing after a busy week at work. I was actually having a GDPR Birthday party with friends and colleagues because 25th May 2018 was a landmark day for the world of Data Protection (yes, seriously, we had a party!). But the funny thing about the effective date of the then-new General Data Protection Regulation (GDPR) was that many saw it as a date to dread.

Caesars Entertainment is one of the largest casino companies in the United States and is well-known for its loyalty program. The company serves countless customers in Las Vegas and elsewhere throughout the world. The massive loyalty program takes in data from all of Caesars customers, and that program may have just backfired on the company, potentially hurting many of its customers in the process.

The 2023 KuppingerCole Leadership Compass Report: Managed Detection & Response Services provides an overview of the market for MDR services that manage a collection of cybersecurity technologies to provide advanced cyber threat detection and response capabilities. In the report, Kroll was identified as a leading MDR provider, alongside just seven other MDR vendors selected from the across the whole MDR market.

In today's digital landscape, businesses are embracing the transformative power of cloud migration. Shifting operations from on-premises systems to cloud environments promises unprecedented benefits in scalability, cost-efficiency, and agility.

During some standard research as part of the Outpost24 Ghost Labs Vulnerability Research department, I discovered four different vulnerabilities in Nagios XI (version 5.11.1 and lower). Three of these vulnerabilities (CVE-2023-40931, CVE-2023-40933 and CVE-2023-40934) allow users, with various levels of privileges, to access database fields via SQL Injections.

In the world of technology, few concepts have captured our collective imagination like Artificial Intelligence (AI). It’s the promise of machines that can think, learn, and perform tasks with a level of sophistication that mimics human intelligence. Yet, the allure of AI has also given rise to a web of confusion, myths, and misunderstandings.

It’s been just about a year since we first announced our partnership with CrowdStrike. We are delighted to share today that we’ve further strengthened that partnership with the new “better-together” story of Salt and the CrowdStrike Falcon® platform.

Today, more than ever, security is all about identity. Especially in the cloud, the central management and proliferation of cloud services means that with the proper identity and permissions, one can do almost anything (legitimate or malicious).