Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The volume of data moving to and collaborating in the cloud has spurred government concern and oversight over protecting sensitive personal, business, government and defence data. Data sovereignty is the concept of a country or jurisdiction having the right to govern and control digital data collection, storage, processing, and distribution within its borders. Organisations operating across international borders must comply with the rules of each country/jurisdiction where their data resides.

There are few security tasks more important, yet more difficult, to conduct than a vulnerability scanning program. A properly conducted scanning program requires a team of human-led experts with the technology to search for issues that might give a threat actor access to a network. Only the largest organizations with equally large wallets can afford to take on this task, but there is an option.

A firewall is a security device that controls the flow of traffic across a network. A firewall may be a hardware appliance, or it may be a piece of software that runs on a third-party operating system. Firewalls operate based on a set of pre-defined, as well as customizable security rules that inspect network traffic to block or permit access to a network.

On June 22nd, 2023, the National Cyber Security Centre (NCSC), the UK's cybersecurity agency, released a Cyber Threat Report for the country's legal sector. Developed to update a previous iteration from 2018, the report reflects a dramatic change in the cybersecurity threat landscape, offering advice that considers the security issues inherent with remote working, new data revealing the UK legal sector's vulnerability to cybercrime, and the increasing prevalence of attacks on smaller organizations.

When talking to infrastructure and operations teams, one common concern when moving to a SASE architecture is the loss of visibility and control that they have historically been accustomed to. Overnight traffic destined for critical business applications, both private and public, routes through what is often seen as a black box, or in today’s world, more of a “gray cloud.”

For infrastructure and operations (I&O) teams, the transition from legacy architectures to a modern zero trust architecture is far from straightforward. Teams often face a complex patchwork of fragmented and siloed systems of different vintages, along with the challenge of managing dozens of disparate security and networking vendors.

We’ve seen how technology can evolve at warp speed, and AI has emerged as both a revolutionary force and a tantalizing enigma. Whether you're a seasoned developer seeking to expand your toolkit or a security enthusiast on a quest for clarity in the realm of AI, embarking on the journey to demystify this dynamic field can be both exhilarating and overwhelming.

Uncertainty looms large on the horizon as businesses deal with the difficulties of a downturn in the economy. Financial limitations, workforce reductions, and rising cyber threats exacerbate the complexity of such times. Organizations must prioritize their core competencies in this constantly changing environment while protecting their valuable assets from potential risks. By utilizing managed security services, organizations can achieve this delicate balance.

Threat Intelligence Analyst How does phishing-as-a-service (PhaaS) really work, and can it really bypass MFA? Here, we will walk you through the user interface of a PhaaS platform, and how its users can quickly build their own attacks using the built-in attack models and templates (and bypass MFA). For a layered approach, beyond MFA, we will introduce you to the benefits of using a threat intelligence solution to stay-ahead of emerging and advanced phishing attacks.

Threat actor groups maintain dark web shame sites to negotiate ransoms with their victims, name them, and leak their data as punishment for not paying. These sites serve as a major tool for threatening victims and securing ransom payments but are not a precise record of global cyber attacks. However, there’s a lot to learn from the dark web behavior observed in the first half of this year to help contextualize the current threat landscape.