Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mobile devices, remote access, cloud-based applications — the security perimeter as we once knew it has disappeared. The proliferation of cloud-native infrastructure has given organizations and their employees more immediate access to their work than ever before. But this convenience cannot come at the cost of security, as malicious actors look for new ways to exploit an ever-increasing number of access points.

Your organization’s mobile security strategy is a vital part of your overall cybersecurity posture. Not only do mobile devices contain valuable personal data, but they also serve as a gateway to the information you store in the cloud. If you issue smartphones and tablets to your employees, a single high-profile vulnerability could compromise dozens of devices. If you embrace bring-your-own-device (BYOD) policies, you may not have any visibility into the applications your employees use.

With a 168% rise in evasive malware, cyber threats have reached a new level of sophistication. This type of malware employs advanced techniques to evade detection by traditional solutions, which often rely on pre-defined signatures to identify threats. These malicious programs pose a major challenge in cybersecurity by camouflaging themselves within legitimate processes and acting stealthily.

Two Citrix vulnerabilities (CVE-2024-8068 and CVE-2024-8069) can potentially lead to unauthenticated remote code execution. Note: according to the vendor, privilege escalation to NetworkService Account access in Citrix Session Recording and limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording is possible when an attacker is an authenticated user in the same intranet.

Pegasystems, a global leader in AI-powered decisioning and workflow automation, is a strategic partner for many of the world’s leading brands. The company’s role as an enterprise software provider means it often operates under the radar of the general public — but that doesn’t shield it from cyberattacks. Upon joining Pegasystems (Pega) in 2019, Director of Corporate Security Operations Steve Tieland quickly realized the company's legacy antivirus solution was missing the mark.

Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team was hard at work investigating potential risks and threats to the election system, from disinformation campaigns to nation-state actors looking to exploit vulnerabilities. No information that may have potentially affected the election process was discovered at any time during the research. If it had, Trustwave SpiderLabs would have immediately disclosed its findings to the proper authorities.

Effective from November 9, 2024, G-Cloud 14 supersedes G-Cloud 13, further enabling public sector organisations—from government agencies and local authorities to healthcare, educational, and emergency services—to easily access and procure cloud services. As a G-Cloud 14-approved supplier, Xalient provides seamless access to secure cloud solutions critical to digital transformation across the UK.