A vendor risk management assessment matrix could enhance your visibility into vendor risk exposure, helping you make more efficient risk management decisions. In this post, explain what a vendor risk assessment matrix is, how to use it, and provide a step-by-step guide for designing your own.

Simply put, APIs (short for application programming interface) are how machines, cloud workloads, automation and other non-human entities communicate with one another. They also represent an access point to highly sensitive company data and services. Almost every organization uses these machine interfaces, and their usage is only growing because they are essential to digital transformation and automation initiatives.

The CrowdStrike Falcon platform has received the Best Endpoint Detection and Response 2024 Award from SE Labs for the third consecutive year. This award honors CrowdStrike’s leadership in demonstrated detection, prevention and investigation capabilities.

The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines.

In the ever-evolving landscape of cybersecurity threats, staying ahead of potential risks is paramount. Today, we delve into a recent breach uncovered by the Foresiet Threat Intelligence Team. Our focus centers on the infiltration of PureB2B.co.uk's database by the threat actor known as KryptonZambie, shedding light on the implications and strategies for mitigation.

SBOMs are security analysis artifacts becoming required by more companies due to internal policies and government regulation. If you sell or buy software, you should know the what, why, and how of the SBOM.

Cybersecurity is vital in today’s fast-paced digital world, where keeping your private information safe is as crucial as the technology itself. Proxies are key players in this arena, not just for the tech-savvy but for everyone online. They work quietly behind the scenes, rerouting your internet traffic to keep your activities private, speed up your browsing, and even unlock content that’s out of reach due to geographic restrictions.

A command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations that may enable a remote, unauthenticated attacker to execute arbitrary code with root privileges on the firewall. These specific versions require configurations for GlobalProtect gateway and device telemetry enabled.

In a network each user, whether verified or not, is given a security identifier (SID), a virtual name tag. This unique identifier helps with managing users, giving administrators the ability to control on an individual level the rights and permissions of users, authentication and providing an overall level of security. A SID also hides private information of users such as the real names of the accounts, adding an additional layer of protection.

Unauthenticated, remote attackers can execute arbitrary OS commands with root privileges against certain Palo Alto’s GlobalProtect firewalls, using a just announced critical severity vulnerability which is being actively exploited in the wild. While limited to specific versions and configurations, unauthenticated remote command execution vulnerabilities are among the most severe security vulnerabilities that exist. Indeed, CVE-2024-3400 has a critical 10 out of 10 rating under CVSS.