Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Complete System Hardening Guide

System hardening involves identifying and addressing security vulnerabilities across hardware, firmware, software, applications, passwords, and processes. Compatibility allows most applications to work smoothly, but securing a system requires additional steps known as system hardening best practices, which are crucial for protection against advanced threats. Microsoft emphasizes server security and provides comprehensive hardening techniques and best practices tailored to various platforms.

Data Disaster: Los Angeles Public Health Department Suffers Biggest Data Breach

On June 17, 2024, the Los Angeles County Department of Public Health (DPH) disclosed a data breach impacting more than 200,000 clients, employees, and other individuals. The stolen data includes personal, medical and financial information. The DPH said the incident, which took place between February 19 and 20, 2024, was caused by a gang of cyber criminals who gained access to the log-in credentials of the email accounts of 53 employees through a phishing email.

How to Detect and Prevent Insider Threats in a Virtual Environment [Hands-on Guide]

The rising use of virtual environments (VEs) has transformed the ways we work, offering increased flexibility and accessibility. However, this shift also introduces new security challenges. Traditional security measures may not work as effectively in VEs, which creates an opportunity for insider threat actors to exploit vulnerabilities to steal sensitive data, disrupt critical systems, or commit fraud. This article reveals the importance of monitoring user activity in virtual environments.

Penetration testing vs vulnerability scanning: which is suitable for your stack

Sensitive customer information leaked, operations disrupted, and reputation tarnished – this is not the headline you want splashed across the internet. There’s a 76% spike in data theft victims and a 75% increase in cloud intrusions. Vulnerabilities are lurking within every organization’s digital infrastructure – but how do you stay ahead of security threats? The answer is simple – proactive security testing.

Why Removing Phishing Emails from Inboxes is Crucial for Healthcare Security

The adage "data is the new oil" doesn't resonate with everyone. Personally, having grown up around cars thanks to my dad, a master mechanic, I see oil as messy and cumbersome. Data, in my view, is more akin to bacon—universally enjoyed and valuable in various forms; everyone wants it and will go to great lengths to have an extra helping, maybe even pushing a sibling's arm out of the way to get the last piece.

Endpoint malware detection rises by 75%

Cybersecurity continues to be unfinished business for many companies. In a context where digitalization reigns in almost all areas, cybercriminals have more and more resources to draw on and continue to threaten the cybersecurity of millions of organizations. To guide companies and industry professionals through the ever-changing habits of malware, WatchGuard has released a new edition of our Internet Security Report (ISR).

Extend Attack Surface Visibility to AWS, GCP, and Azure with Bitsight

Bitsight excels at using externally available data to paint a detailed picture of organizations’ digital footprint, including assets, organizational hierarchy, third-party relationships, and risk posture. But as more IT resources shift to cloud service providers, gaining complete and precise visibility into your external attack surface becomes increasingly complex.

Getting started with Continuous Threat Exposure Management (CTEM)

AI risk and security management is unsurprisingly Gartner’s number one strategic technology trend for 2024. But you might be less familiar with number two: Continuous Threat Exposure Management (CTEM). Coined by Gartner in 2022, CTEM isn’t just another buzzy acronym – it’s a powerful process that can help continuously manage cyber hygiene and risk across your online environment.

How to Spot a Winning NERC CIP Project

The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations often make exacting demands of Fortra Tripwire's customers, requiring them to update or create new change processes and document those processes in order to comply. In any NERC CIP-centered IT/OT project, there are always crucial indicators of success - even before the project gets underway.