Every security professional dreads “The Phone Call.” The one at 2 a.m. where the tired voice of a security analyst on the other end of the line shares information that is soon drowned out by your heart thumping in your ears. Your mind races. There are so many things to do, so many people to contact. You jump out of bed. For a moment, you stare into the mirror longing for yesterday — when your network hadn’t been breached.
As the digital world continues to rebuild after the Log4j hurricane, the threat landscape is once again disturbed by the rumbling of an approaching zero-day storm. After barely recovering from a zero-day dubbed as the worst hack ever encountered, concerns are understandably heightened, and as a result, there are many misconceptions about the severity of Spring4Shell.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Normally cloud backup is a good thing; only when it’s not….
In our new threat briefing report, Forescout’s Vedere Labs describes how it analyzed files and tools used by an affiliate of the ALPHV ransomware group during an attack. ALPHV, also known as Black Cat, is a Ransomware-as-a-Service gang that was first discovered in November 2021.
Modern software companies often provide many things at once. Their reach extends beyond a single product or service — and their security tools must match this pace. Our own Steve Kinman (Field CISO, Snyk) and Adrian Guevara (Head of Cybersecurity, Willowtree) recently held a roundtable discussion on the challenges hypergrowth organizations face with implementing code security in a rapidly moving space.
Last June, Forward Networks announced several enhancements to the platform designed to help SecOps teams prove compliance, automate CVE (critical vulnerability exposure) responses, and remediate threats quickly. Today, we’re happy to share that we’ve continued to build out our security use cases by adding new functionality to our security posture security matrix (previously known as zone-to-zone security matrix) and delivering Layer 7 application connectivity analysis.
You probably have some form of cybersecurity program already in place. Maybe a Norton app that scanned this page for you before you opened it. While that may be good but yet not be enough to tackle or address the evolving cyber threats in the industry. We live in an era of rampant cyber security threats. Mistakes are as easy to make as they are punishing. In this article today let us take a look at why developing a cybersecurity program is worth the cost for your business.
Information Security Management System is an international standard designed to manage the security of sensitive information. At the core, ISMS is about managing the people, processes, and technology through a risk management program. While there are many standards under the ISO2000 family, the ISO27001 Standard is the most popular and widely accepted standard in the industry.
