2023 Cybersecurity Predictions - Business Process
In 2023, Marc Laliberte and Corey Nachreiner agree that cybersecurity threats will impact companies’ business processes but disagree on how it will happen.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Power your threat detections with SnapAttack and LimaCharlie
LimaCharlie and SnapAttack are pleased to announce a new integration that gives organizations access to open-source intelligence objects and behaviorally-oriented detections developed by the SnapAttack threat research team as well as popular community tools, such as Atomic Red Team and Sigma. The ruleset contains high-confidence detections for most platforms that have been verified against true positive data by SnapAttack’s threat detection team.
Organizations Are Banning TikTok. Should You Do the Same?
In today's security conscious climate, countries and organizations worldwide waste little time debating whether a risky mobile application should be banned — regardless of its popularity. With security and data privacy at the center of public and private sector conversations, these issues typically come about when an app is found to have concerning data collection and handling practices.
CVE-2022-27518: Actively Exploited Remote Code Execution Vulnerability in Citrix ADC and Citrix Gateway
On December 13th, 2022, Citrix disclosed a critical remote code execution vulnerability (CVE-2022-27518) affecting several versions of Citrix ADC and Citrix Gateway. Citrix strongly advises affected customers to update to a supported version as soon as possible. While no public proof-of-concept exploit code is available for this vulnerability, Citrix has observed several instances of targeted exploitation.
CVE-2022-37958 - Critical Vulnerability in SPNEGO NEGOEX Could Lead to RCE on Windows platforms
As part of Microsoft’s September 2022 Security Update, Microsoft released security updates to remediate CVE-2022-37958–an information disclosure vulnerability in SPNEGO NEGOEX that impacted all Windows versions 7 or newer. On December 13, Microsoft reclassified the vulnerability as Critical severity after security researchers discovered that the vulnerability could allow threat actors to remotely execute code pre-authentication.
Devo Recognized as a Major Player by IDC MarketScape
SIEMs have come a long way since they first debuted in the security operations center (SOC) well over a decade and a half ago. Today, next-gen SIEMs are far more advanced than early systems, which merely gathered and logged data from different sources. Now, SIEM software can deliver comprehensive insight into network security and data protection by looking for anomalous activity that could indicate compliance, performance and security issues.
Elastic named a Leader in The Forrester Wave: Security Analytics Platforms, Q4 2022
Elastic Security for SIEM continues to be recognized by leading industry analyst firms It’s that time of the year… and we’re not talking about the holidays. That’s right, it’s analyst report season. Elastic continues to be recognized by leading industry analyst firms. Today, Forrester Research recognized Elastic as a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022. Elastic had the highest score in the Wave in the strategy category.
Lookout MES: Protect Your Sensitive Data From TikTok
#dataprotection #mobilesecurity #tiktok
What's new in UpGuard // Cyber Vendor Risk Management Product Releases
Check out the latest product releases from UpGuard!
Zoom. Enhance!: Finding Value in Macro-level ATT&CK Reporting
With cyberattacks growing in scale and complexity, it has never been more difficult to figure out where to invest your time and defensive resources. This remains the core challenge of optimizing an effective security organization. A good prioritization approach should be data-driven, and informed by real attacker activity.