Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This month we dive into CheckPoints CVE-2024-24919 to explain what this vulnerability does and why we have seen it being used in the wild already!

Based on news cycles within cybersecurity, it's easy to fall into the trap of thinking that threats only come from certain parts of the world or that they only target specific industries. However, the reality is that cyber attacks know no borders, and no organisation is immune. The recent report by Cisco Talos showcasing the discovery of a six-year campaign by Pakistani hackers targeting Indian government and defence organisations is a stark reminder of this fact.

A phishing campaign is impersonating recruiting firms to target job seekers with a new strain of malware, according to researchers at Elastic Security. “Since late April 2024, our team has observed new phishing campaigns leveraging lures tied to recruiting firms,” the researchers write.

Microsoft 365 has experienced several notable outages recently. In January 2023, a major outage lasted over five hours, affecting various services, including Exchange Online. This incident was attributed to a network configuration issue during a planned update (Practical 365). Another significant outage occurred in June 2023, impacting services like Outlook, Teams, and OneDrive for several hours due to a network issue (WinBuzzer).

The Australian Signals Directorate (ASD) is a government agency responsible for providing foreign signals intelligence and ensuring information security for Australia’s national interests. The ASD also significantly enhances the nation’s cybersecurity through strategic advice, standards, and protective measures.

In an age of increasingly complex cyber threats, New Zealand has implemented robust cybersecurity standards to secure the online environment for individuals, businesses, and government entities. New Zealand's cybersecurity approach is unique and effective, from the overarching strategies laid out by national cybersecurity policies to specific regulatory requirements that impact sectors like healthcare and finance.

In the world of security, there are many different frameworks that may be relevant or important to your plans. We’ve talked a lot about FedRAMP, the federal government’s security framework, but it’s only one of many options. Others, from HIPAA to FISMA to SOC2, can all have their role. One of the biggest and most direct equivalents to FedRAMP is ISO 27001. What is it, how does it compare to FedRAMP, and which one should you use? Let’s talk about it. Table of Contents 1.

SQL Agent proxies are a form of built-in service that allows the schedule and running of automated tasks within SQL Server. These tasks can perform various actions related to database management. The msdb database is a crucial system database in Microsoft SQL Server which primarily serves SQL server agents. These databases store information related to SQL Agent jobs, including their configuration, execution history, vital system tables and data.

Google’s auto-generated passwords aren’t typically the most secure as the character limit is 15. Having a limit of 15 characters prevents a user from creating longer passwords. The longer a password is, the harder it is for cybercriminals to crack. Continue reading to learn more about Google-generated passwords and why they are not the most secure option for your digital security.

The Health Insurance Portability and Accountability Act (HIPAA) is U.S. legislation created to set national privacy and security standards to protect the privacy of patient health information and prevent data breaches. All organizations associated with healthcare, including health insurance companies and business associates, fall under HIPAA regulations – meaning they have to comply with HIPAA compliance requirements.