Modern cybersecurity has reached an exceptional level, particularly with the integration of AI technology. The complexity of cyberattacks and their methodologies has also increased significantly, even surpassing human comprehension. This poses a considerable challenge for cybersecurity professionals who struggle to keep pace with the scale and complexity of AI-generated attacks.

“It’s discouraging to try to be a good neighbor in a bad neighborhood.” –William Castle.

Windows administrators have cautioned that after applying the KB5035855 and KB5035857 updates, released as part of March 2024 Patch Tuesday for Windows Server 2016 and Windows Server 2022, domain controllers running the updated versions of Windows Server may experience crashes and reboots. Affected servers are freezing and rebooting stemming from a memory leak in the Local Security Authority Subsystem Service (LSASS), leading to continually increasing memory usage over time.

One of the many difficulties faced by organizations has been how to create portability, reusability, and interoperability of digital identities from the on-premises realm to increasingly web-services-enabled environments. One of the earliest and most widely adopted approaches has been SAML (or Security Assertion Markup Language) and Identity Federation.

Info stealer malware, also known as information stealers, are a growing menace in the cybersecurity landscape. These malicious programs lurk in the shadows, siphoning sensitive data from unsuspecting victims' devices. While data breaches often grab headlines, info stealer attacks can be just as devastating, silently compromising personal information and causing significant financial losses. This blog post sheds light on the world of info stealer malware and the chilling reality of stealer logs.

Are penetration testing and ethical hacking just two sides of the same coin? Although they seem similar and are often used interchangeably, is there a difference between the two? Let’s explore this further to uncover any nuances between them.

Serialization is the process of converting data structures or object states into a format that can be easily stored, transmitted, or reconstructed later. While serialization facilitates data maintenance and communication between different systems, it also introduces security risks. Serialization attacks exploit vulnerabilities in the serialization process to manipulate data, execute arbitrary code, or gain unauthorized access to systems.

Clickjacking, also known as UI redress attack or user interface (UI) manipulation, is a malicious technique used to trick users into clicking on elements of a web page without their knowledge or consent. By overlaying transparent or opaque layers on legitimate web content, attackers can trick users into performing unintended actions, such as clicking on hidden buttons or links.

Cyberattacks in the digital supply chain are now some of the most common cyber incidents today, with many of the recent major breaches resulting from a single vulnerability. Because of the rapid pace and scale of these attacks, cyber leaders can no longer rely on static analyses of their environments, and must continuously assess cyber risk across their entire supply chain and vendor ecosystem.

Comparably, a leading workplace culture and compensation monitoring employee review platform selected Trustwave to receive its Best Company Outlook for 2024 Award. This award marks the seventh time Comparably has honored Trustwave in the last year. Comparably's Best Company Outlook list honors organizations with the most promising futures, as determined by confidential feedback from employees on Comparably throughout the last year.