The cybersecurity community woke up on Thursday to news of a cyberattack on Sisense, a major business analytics software company. It’s thought that the breach may have exposed hundreds of Sisense’s customers to a supply chain attack and provided the attacker with a door into the company’s customer networks.

We’re thrilled to announce that Nightfall was selected as the “Data Security Solution of the Year” in the 2024 Data Breakthrough Awards. With enterprises scrambling to stay on the cutting edge of innovation, it’s all too easy to lose sight of data stewardship. In addition to SaaS apps, email, and endpoints, now enterprises must also safeguard their generative AI (GenAI) applications, including both custom and third-party GenAI tools.

This is the final post in a series about shadow IT. In this series, we’ve detailed how and why teams use unapproved apps and devices, and cybersecurity approaches for securely managing it. For a complete overview of the topics discussed in this series, download Managing the unmanageable: How shadow IT exists across every team – and how to wrangle it.

Two of the greatest threats facing technology-focused organizations are their often-quick adoption of new technologies, such as artificial intelligence (AI), without taking security measures into consideration and a very high reliance on third-party vendors to operate their businesses.

In a time where cyber threats evolve as swiftly as the technologies they target, organizations need a strategic approach to rise above the noise while effectively reducing risk. Enter Continuous Threat Exposure Management (CTEM) — a paradigm-shift in cybersecurity introduced by Gartner. In this article, we compare and contrast CTEM with a closely related, traditional approach – vulnerability management – and discuss practical ways to apply CTEM in your organization.

The world of payments is having its “Henry Ford” moment. Traditional organizations in the industry, from payment service providers (PSPs) to banks, are still using the equivalent of horses for settlement and cross-border transactions. In contrast, innovative startups and certain forward-looking incumbents have embraced this industry’s Model T – blockchain technology. The results that payments providers exploring blockchain have reported thus far can’t be ignored.

In a new threat briefing, Forescout Research – Vedere Labs details an exploitation campaign targeting organizations running Fortinet’s FortiClient EMS which is vulnerable to CVE-2023-48788. We are designating this campaign Connect:fun because of the use of ScreenConnect and Powerfun as post-exploitation tools – our first-ever named campaign.

Every day that an application is anything less than ‘fully secure’ is a day for a potential data breach. Consumer data, sensitive business information, monetary transactions, and business reputation; everything is at stake. Investing in effective web application security is the best and only way to mitigate the risk of financial losses and reputational damage for businesses. This blog presents a comprehensive blueprint for implementing best practices in application security.

As the April 15, 2024 filing deadline approaches, tax scammers are working overtime to take advantage of rushed or stressed taxpayers. This tax season, scammers have adopted more sophisticated techniques - particularly leveraging artificial intelligence (AI) to disguise their schemes. However, remaining vigilant and taking some simple precautions can help you avoid becoming a victim.

JumpCloud’s MSP partners are at the forefront of providing essential IT services to small and medium-sized businesses globally. In our interview series, we delve into conversations with these partners, exploring the dynamics of their MSPs and how JumpCloud plays a pivotal role in their operations. In today’s feature, we had the opportunity to speak with Chris Notley of FIFUM.