Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

What is an Information Security Management System (ISMS)?

If you’ve spent any length of time reading about the internationally accepted security framework laid out in ISO 27001, you’ve likely come across the term ISMS or Information Security Management System. You may wonder, though; what is the ISMS specifically, how do you set one up, and what does it do for your business? Let’s talk about it.

Enhanced Vulnerability Analysis with Forward Networks + Tenable Technology Partnership

Proactive Vulnerability Detection: Security teams rely on vulnerability scanners to discover vulnerabilities, crucial for maintaining network integrity. Regular scanning is essential for a strong security posture. Data Overload: While vulnerability reports are valuable, they often contain excessive information, making it difficult to derive actionable insights.

Why AEC Firm Prefer Egnyte for Their Data Management & Collaboration Needs

In the fast-paced world of Architecture, Engineering, and Construction (AEC), having access to the right data is essential for successfully executing projects. This video highlights how Egnyte transforms collaboration, file management, and file sharing among AEC professionals in both office and job site settings.

Chicago API Security Summit 2024

Earlier this week we had the pleasure of hosting a regional API Security Summit in Chicago (well, actually in Lombard). These summits bring together the local cybersecurity community for half-day of API Security-focused content, including expert speakers and panelists. While this isn’t the first time we’ve organized an event like this, it was memorable for the quality of content and participants.

The Rising Cost of Insecure APIs and Bot Attacks: Global Firms Face $186 Billion in Losses

In the evolving landscape of digital threats, two growing concerns are proving costly for organizations worldwide: insecure APIs and bot attacks. A recent report highlights that these vulnerabilities have escalated dramatically, with global firms suffering financial losses between $94 billion to $186 billion annually. The exponential rise in API adoption, combined with AI-powered bot attacks, has created a perfect storm for cybercriminals to exploit.

GitLab Patches Critical SAML Authentication Flaw: Protect Your Systems from Exploitation

In today's fast-paced digital landscape, security vulnerabilities are constant concerns for organizations that rely on cloud-based services and distributed systems. Recently, GitLab addressed a critical security flaw that affected both its Community Edition (CE) and Enterprise Edition (EE). This flaw, tracked as CVE-2024-45409, has been categorized as a critical vulnerability with a CVSS score of 10.0, the highest possible score, signifying its severity.

Online Scams Are Shortening Their Cycles and Making More Money

New analysis of blockchain activity shows scammers are needing less time to obtain crypto payments and are seeing higher payoffs per scam. I continue to repeatedly cover breakdowns of cybercrime activity from the folks at Chainalysis because it represents an unbiased view that some security vendors may inherently have (because their data is based on what their solutions do and don’t discover).

Phishing Attacks Abuse Content Creation and Collaboration Platforms

Researchers at Barracuda have observed an increase in phishing attacks that abuse popular content creation and collaboration platforms. These include online graphic design platforms and document-sharing services widely used by educational institutions and businesses. “The analysts found that attackers are sending out emails from these platforms, featuring legitimate-looking posts, designs, and documents, but with embedded phishing links,” the researchers write.