Exchange admins now have another exploit to deal with despite still reeling from a number of high profile attacks this year including ProxyLogon and ProxyShell. A new high severity Remote Code Execution (RCE) exploit for on-premise Exchange Servers has been published and is being actively exploited in the wild.
New software and assets introduced into your network are, by default, configured to be multifunctional and convenient to use, but they’re not always the most secure. IT teams also make constant changes to systems’ configurations, leading to inevitable security gaps. Maintaining secure configurations in assets and software is essential for organizations that want to avoid potential cyberattacks or face costly audit penalties.
We’re pleased to announce new functionality within the Snyk Vulnerability Scanner extension for Visual Studio Code, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies! To help developers take more responsibility for the security of their applications, security tools must be able to integrate seamlessly into existing workflows and the tools developers are using on a day-to-day basis.
Proper management of threat data is critical in today’s security operations and modern SOCs. The knowledge of threats, their priority in our environment, their management, and the ability to analyze them, will give us anticipatory capabilities we wouldn’t have without this management.
The digital society is ever-expanding, and with that has come an ever-increasing risk of cyber attack. This is a factor coming more and more into focus, with the rate and strength of cyberattacks set to continue escalating according to one Al Jazeera report. A further risk vector is becoming apparent through the smart home - more and more people are making their home a natural extension of the digital world, and placing a lot of reliance on the web and smart tech.
Go, go, go, go. And then go some more. For countless small businesses, this is your reality. But breakneck productivity is not always the healthiest approach, and it often comes at the cost of security.
ISO27001 is a prominent International Standard and best practice for Information Security Management. The core element of this standard is identifying risks and mitigating vulnerabilities that threaten the security of information assets. So, the technical risk and vulnerability assessment form the basis of implementing the ISO27001 Standard.
The macro-economic consequences of COVID-19 have reached cybersecurity and the talented people who keep us secure. In some sense, invisibility is a hallmark of good cybersecurity, back-end operations running smoothly and keeping the assets, operations and reputation of an organization from harm. But this invisibility is built on proper resourcing, and in the last 18 months, we’ve seen a progressive erosion of the human resources behind successful organizational cybersecurity.
The California Consumer Privacy Act of 2018 (CCPA) gives Californian consumers greater transparency into how their personal data is being handled. Under the CCPA, California residents have a right to: California's landmark move to greater privacy laws mirrors the consumer data protection posture outlined in the GDPR and Canada's propositions in Bill C-11. Guidance for complying with the CCPA is outlined through CCPA regulations.
