Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We're pretty fired up about what we've introduced to the product throughout November. We leaned into collaboration last month with an emphasis on the ability to work across teams effectively. If you haven’t already, see the month’s highlights.

Cyber forensics refers to the practice of extracting information, analyzing the data and gaining intelligence into activities that involve the use of technology as a structured chain of evidence that can be presented in the court of law. In this article, I’ll look at the basics of cyber forensics: what it’s for, phases in a forensic procedure, challenges and how it goes far beyond auditing.

Over the last two decades, the M365 service capabilities have developed rapidly and have evolved into a more complex version. In addition, the Security & Compliance Centre has rapidly expanded in response to the rising sophisticated attacks. Office 365 user numbers have reached approximately a whopping 345 million," broadly aligning with the 17% y-o-y increase in commercial revenue.

Reliable electricity is essential to the convenience of modern life, and also functions as a crucial contribution to America’s economy and level of comfort. Yet citizens take it for granted, rarely thinking about it much.

On Tuesday, March 7, 2023, Fortinet published a security advisory detailing an unauthenticated remote code execution vulnerability affecting FortiOS and FortiProxy (CVE-2023-25610). The vulnerability was internally discovered by Fortinet, and exploitation has not been observed in the wild at this time. A proof of concept (PoC) exploit has not been published publicly for this vulnerability at this time.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. An unfortunate (aren’t they all?) breach at Acer. With the the UEFI rootkit discovery last week, I wonder if they were poking around for another vendor implementation?

California Consumer Privacy Act is a data privacy regulation introduced to protect the privacy of personal data and uphold the rights of consumers. So, it is an obligation for organizations to achieve and maintain CCPA Compliance if they are dealing with the personal data of citizens of California. However, now CCPA will soon be replaced with the latest version which is known as the California Privacy Right Act (CPRA).

A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their secrets.

Every day, thousands of companies download updates to their software. With a click of a button, they can walk away and return the next morning with everything reorganized and in order. While a staple of modern life, this action is no longer completely harmless. It is now one of many attacks that bad actors use to access systems and execute supply chain attacks.

As cybercrime continues to grow and organizations digitize, understanding cybersecurity and how to improve one’s security posture becomes paramount. Unfortunately, the firewall has dissolved and tools alone, though helpful, can’t protect environments when public sector organizations are understaffed, underfunded, and struggling to maintain compliance.