Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vulnerability Management refers to the systematic approach to the identification, classification, and remediation of vulnerabilities across various cyber systems.

The first nationwide lockdown was implemented in Italy on 9th March 2020. The IT employee sitting in Buenos Aires could not have imagined a 234-day lockdown at that point. The US of America could not have predicted the loss of 1.1 million lives over the couple of years that follow. The world of commerce was busy grappling with the second-largest global recession in recent history.

Today, CyberArk announced that our founder and CEO Udi Mokady will step into the role of Executive Chairman and our Chief Operating Officer, Matt Cohen, will become CyberArk’s CEO, effective April 3, 2023. Together, Udi and Matt make a great team and we’re excited for this next chapter in CyberArk’s journey.

With hundreds of contributors, the MITRE ATT&CK Framework has become a vital resource of open source knowledge for the security industry. CISOs and cybersecurity professionals around the globe rely on the framework to increase their understanding about different cyber-attack tactics, techniques and procedures (TTPs). With insights about TTPs relevant to their specific platform or environment, organizations gain tremendous value to combat cyber threats.

ManageEngine ADAudit Plus is a UBA-driven auditor that bolsters your Active Directory (AD) security infrastructure. With over 250 built-in reports, it provides you with granular insights into what’s happening within your AD, such as all the changes made to objects and their attributes. This can include changes to users, computers, groups, network shares, and more.

EDD is a vital component of the KYC compliance procedure in banking. It comprises gathering information to verify clients’ identities and assess the degree of money laundering risk that each customer poses. As a result, the client requested substantially more details during the EDD process than during the CDD process, because this information might be used to reduce the related risks.

With changing technology, evolving security threats, and the vast number of vendors out there, companies intent on successfully selling their products need new approaches. At the end of the day, it isn’t about convincing someone to buy your product whether they need it or not, but ensuring that your product is the right fit for them and that it will solve their problems—some of which they probably don’t realize they have.

Software is an intricate part of our lives, with its presence in nearly every device and aspect of technology. However, the software can also be vulnerable to malicious threats, given that the code within it can contain flaws. As a result, software vulnerability has been on the rise over the years and is likely to continue increasing in 2023. Organizations and businesses alike need to remain proactive about their security measures when it comes to their systems, software, and data management.

So you’ve set yourself up with a password manager and you’re feeling like a cybersecurity wizard – as you should! Flying high, you hop online, ready to effortlessly log in with a single click – but suddenly, it happens.

OpenSSH’s newly released version 9.2p1 contains a fix for a double-free vulnerability. Given the severe potential impact of the vulnerability on OpenSSH servers (DoS/RCE) and its high popularity in the industry, this security fix prompted the JFrog Security Research team to investigate the vulnerability. This blog post provides details on the vulnerability, who is affected, and a proof-of-concept to trigger it causing a Denial of Service (DoS).