The two new vulnerabilities that the U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to its list of known exploited vulnerabilities (KEV) are both related to the privilege elevation of the Linux kernel.

Organisations require robust security measures that go beyond surface-level checks. Frankly, those days are gone now. White box penetration testing emerges as a powerful tool in this arsenal, offering a comprehensive security assessment by leveraging “insider” knowledge. Let’s delve into what white box penetration testing entails, its methodologies, and real-world examples illustrating its effectiveness.

Businesses increasingly migrate to cloud-based solutions for storage, applications, and critical functions. While the cloud offers scalability and agility, it also introduces new security challenges. Cloud penetration testing is a crucial defence mechanism for proactively identifying and addressing these vulnerabilities.

On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Officially designated as CVE-2024-29849, the vulnerability presents a major threat with a CVSS V3 rating of 9.8 (critical). VBEM is a web-based platform that allows administrators to oversee Veeam Backup and Replication installations through a web interface console.

The cyber threat landscape is continuously evolving and becoming more dangerous with the rise of application attacks and data breaches, putting businesses at greater risk. Verizon’s 2024 Data Breach Investigations Report saw a record-high number of breaches—more than 10,000, doubling the number of breaches it analyzed from 2023.

By 2028, connected Internet of Things (IoT) devices will expand to over 25 billion. Yet, today’s connected devices are raising the stakes for assessing risk and managing cybersecurity. They have significantly expanded the attack surface creating new challenges and vulnerabilities. The need for accurate, rapid information from systems across every industry is essential for business operations.

Operational Technology (OT) is the backbone of our modern world as we know it today. Think about the daily operations of a factory, the precise control of our power grids, and even the supply of clean water to our homes. All of these modern capabilities are made possible and efficient due to OT systems.

As more and more organizations use automation and orchestration to streamline their security operations, defining clear success criteria becomes critical to ensure the effectiveness and scalability of their program. Recently, an enterprise prospect approached us seeking help on establishing success criteria for their upcoming journey with Tines workflow automation.

Fireblocks has expanded its exchange connectivity with new support for Coinbase International Exchange to provide perpetual futures and spot trading features for institutional and retail clients in eligible jurisdictions. Fireblocks customers can now connect to their Coinbase International Exchange account via the Fireblocks Network, and protect exchange operations – such as withdrawals and deposits – with Fireblocks’ governance and policy rules.

With the increasing threat of cyber breaches, it has become crucial for businesses and government entities to have effective cybersecurity measures in place. However, many organizations struggle with deploying and operating these technologies with best practices and properly trained staff.