CrowdStrike Services recently investigated several Play ransomware intrusions where the common entry vector was suspected to be the Microsoft Exchange ProxyNotShell vulnerabilities CVE-2022-41040 and CVE-2022-41082. In each case, CrowdStrike reviewed the relevant logs and determined there was no evidence of exploitation of CVE-2022-41040 for initial access.
According to the 2022 IBM Cost of a Data Breach Report, the global average cost of a data breach is $4.35 million. Data breaches in the US are even more costly, averaging over $9 million. However, it isn’t just the big players caught in the line of fire. IBM’s report also found that 83% of companies will experience a data breach soon, meaning financial institutions of all sizes — from local credit unions to Fortune 500s — are at risk.
There were so many notable things that have happened in 2022, here’s some to name a few. We have gotten back to a “normal” state of being or have accepted the new “normal”. While ThreatQuotient enjoyed meeting some new faces on the Hangin’ with Haig episodes.
2022 has been quite the year in cybersecurity. For the first time in a long while, I’m seeing positive developments in the space, including improved cybersecurity education for end-users and adoption of IT Security protection by smaller organizations. As a Cybersecurity Evangelist, education is extremely important to me. So I’ve combined my 2023 cybersecurity predictions with practical resources that you can review now to improve your cyber preparedness.
The holiday season is the perfect time to rewatch some favorite festive movies! While some prefer their holiday movies to be as sappy as possible (Hallmark, we’re looking at you), others relish the annual opportunity to watch an 8-year-old boy exact his revenge on two bumbling bad guys in the 1990 classic Home Alone.
It stands to reason that if you’ve implemented a Static Application Security Testing (SAST) tool, you’ll want to reap the full value of the investment. But to accurately assess ROI, you need metrics that can evaluate factors such as overall results, KPI compliance, and timeframe. Only then can you estimate whether you’re making a real improvement to the security of your code base, and from that, assess the monetary value of these results.
On December 8th, Clinton Herget and Simon Maple, Field CTOs at Snyk, had the opportunity to chat with Corey Quinn, Chief Cloud Economist at The Duckbill Group, podcast host, curator of “Last Week in AWS”, and snarky Twitter personality. Their conversation took a lot of fun turns, from ranting about the hour-long line to get coffee at AWS re:Invent, to Corey proclaiming that “SBOMs are a fantasy” (there’s more context to that… keep reading).
Consolidating vendors has always been on the mind of digital leaders, but the current economic climate has elevated this topic, with a recent Gartner survey claiming that 75% of organisations are currently pursuing security vendor consolidation projects, up from 29% in 2020.
We’re thrilled to share that Splunk has been named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022. We are committed to developing world-class solutions for the SOC, so it's a true honor to be named a Leader by Forrester. We are proud to help organizations accelerate threat detection and investigations, achieve cybersecurity resilience, and navigate their most critical security challenges.
Cyber threats continue to evolve, with cyberattacks happening in the world every 39 seconds. That’s why cybersecurity has become one of the topmost concerns in many organizations. Despite many intelligent defense mechanisms organizations leverage, emerging cyber threats continue to disrupt businesses in many ways. Cyber Threat Intelligence is the best way for organizations to mitigate the risks of new cyber threats in the future. In this article, I’ll explain…
