Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

What is NIST 800-53?

Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and its most recent revision provide the overview roadmap for your compliance journey.

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System), which can allow for arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities; however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.

Monitor Slack audit logs with Datadog Cloud SIEM

Millions of enterprise users rely on Slack every day as their primary tool for instant communications and information sharing. Because of its central role in operations, Slack inevitably handles sensitive data and critical business information—which also makes it a high-value target for attackers. For this reason, it’s critically important for security teams to detect and respond to security threats against Slack.

Common Facebook Messenger Scams and How To Avoid Them

Some common scams on Facebook Messenger include requests for authentication codes, fake charity pages asking for donations, messages offering investment advice or even fake giveaways. Facebook Messenger is a messaging service that allows you to share photos, videos and messages with your friends on Facebook. Continue reading to learn what Facebook Messenger scams are, some common scams you may encounter while using Facebook and how you can avoid becoming a victim of these scams.

CurrentWare's Security Software is Eligible for FCC's Cybersecurity Pilot Program

See how CurrentWare ensures student safety in our web filtering software for schools case study.

Safeguarding sensitive information is crucial for educational institutions and libraries. The FCC’s Schools and Libraries Cybersecurity Pilot Program aims to bolster the cybersecurity infrastructure of these institutions by providing essential funding for robust security solutions.

What are SMB Ports, Port 139 and Port 445?

Organizations are increasing their use of various solutions to address communication needs across their infrastructure. As file systems are an integral part of collaboration, this article will dive into one of the most widely used protocols necessary for many systems. We will learn more about the SMB protocol, Port 139, Port 445, how it works, the risks associated with it, and remediation steps to provide a more secure communication channel.

What DNS over HTTPS (DoH) Is and How to Enable in Windows 10

DNS (Domain Name System) is a key component of the Internet infrastructure. DNS functions as a distributed directory service that translates human-readable domain names into machine-readable IP addresses. When you type a website address into your browser, the DNS system helps your browser find the right server on the internet. DNS uses a hierarchical and distributed database to manage the mapping of domain names to IP addresses.

Multiple Vulnerabilities Disclosed in Linux-based CUPS Printing Service

On September 26, 2024, a security researcher disclosed several vulnerabilities affecting Common UNIX Printing System (CUPS) within GNU/Linux distributions. CUPS is an open-source printing system that allows Unix-like operating systems, including Linux and macOS, to manage printers and print jobs across local and networked environments. The newly identified CUPS vulnerabilities are.

Emerging Security Issue: Progress Software WhatsUp Gold (CVE-2024-6670)

CVE-2024-6670 is a critical (CVSS v3 score: 9.8) SQL injection vulnerability. Threat researcher Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) discovered that, if the application is configured with only one user, unauthenticated attackers can leverage this vulnerability to retrieve users’ encrypted passwords.

What is Threat Detection and Response?

Attackers nowadays are good at setting up camp in networks and stealing important information. This means you need to be on your toes with top-notch threat spotting. You need something that can handle the whole attack process, from when they first break in to when they move around and take data.