Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyber security threats are increasingly complex, and while external attacks like phishing and malware often take centre stage, insider threats are emerging as a significant concern. Insider threats are risks originating from within an organisation, which pose unique challenges. They exploit an insider’s knowledge of systems, processes, and vulnerabilities, making detection and prevention particularly challenging.

In an era where password breaches have become all too common, Multi-Factor Authentication (MFA) has emerged as a critical layer of security. MFA provides an authentication method that requires users to present multiple forms of identification before gaining access to systems, which is considered a more robust defence against cyber attacks. However, as cyber criminals evolve tactics, MFA is no longer impervious to threats, particularly phishing attacks that exploit vulnerabilities.

The latest ENISA reports help inform about threat response and a more effective, risk-based approach to cybersecurity In December 2024, the European Union Agency for Cybersecurity (ENISA) released its first-ever report on the state of cybersecurity in the Union. The report, which was prepared in accordance with Article 18 of the NIS2 Directive, is a comprehensive, evidence-based overview of the cybersecurity ecosystem across EU Member States.

On January 9, the SecurityScorecard STRIKE team uncovered Operation 99, a cyberattack by the Lazarus Group, North Korea’s state-sponsored hacking unit. This campaign targets software developers looking for freelance Web3 and cryptocurrency work. If you thought fake job offers from the group’s Operation Dream Job campaign were bad, this latest move is a masterclass in deception, sophistication, and malicious intent. Here’s why Operation 99 demands your attention.

Mitel’s MiCollab Unified Communications solutions are widely used by businesses to streamline communications. However, two critical vulnerabilities, CVE-2024-35286 and CVE-2024-41713, have been identified across several versions of Mitel MiCollab. CVE-2024-35286 has been identified in versions 9.8.0.33 and earlier and CVE-2024-41713 has been identified in versions 9.8 SP1 FP2 (9.8.1.201) and earlier.

Organizations are increasingly reliant on third-party vendors. While this enables agility and innovation, it also introduces significant security risks. Cyberattacks originating from the supply chain are on the rise, underscoring the critical need for robust security measures. This article explores the key elements of building a high-performing supply chain incident response team to effectively mitigate and respond to these threats.

As IT infrastructures grow more complex and cyber threats escalate, CIOs are searching for a powerful new solution for risk and compliance. Tanium Integrated Risk Management (IRM) for ServiceNow addresses these challenges with an integrated platform that transforms visibility, control, and remediation with real-time, unified data for IT, security, and risk teams.

Patient data is among the most sensitive and valuable information in the healthcare industry. A single breach can have devastating consequences, including.

ROPA is primarily utilized by organizations subject to data protection regulations. While it is a legal requirement for businesses of all sizes handling personal data, it is especially critical for large enterprises that process substantial volumes of data or sensitive information. Compliance officers, data protection officers (DPOs), legal teams, and IT departments often rely on ROPA to demonstrate compliance to regulators during audits or investigations.