Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Forrester Study: BlueVoyant MDR Delivered a 210% Return on Investment for Clients Through Effective Threat Detection and Response, Optimized SecOps Spending, and Reduced Breach Incidence

Organizations’ security operations (SecOps) programs are under increased pressure due to more sophisticated threats, a continually expanding attack surface, and strained internal resources. To help solve these challenges, BlueVoyant MDR delivers 24x7 threat monitoring, detection, hunting, and response powered by advanced automation and human expertise.

Ransomware Gangs Poised to Exploit Veeam Backup & Replication Vulnerability (CVE-2024-40711)

The critical CVE-2024-40711 vulnerability in Veeam Backup & Replication (VBR) is drawing attention from security researchers and ransomware groups alike. Discovered by Florian Hauser from Code White, this flaw allows attackers to take full control of enterprise systems, posing a significant threat to the integrity of data backup infrastructures. With ransomware groups historically targeting Veeam vulnerabilities, CVE-2024-40711 could soon become a valuable tool for cybercriminals.

Crimson Palace APT: How China's Tag-Team Cyber Espionage Units Are Targeting Asian Governments

Advanced Persistent Threat (APT) groups have long been key players in global cyber espionage, and in 2024, a Chinese-linked threat cluster known as "Crimson Palace" continues to demonstrate its effectiveness. This collective of three distinct APT units has managed to breach multiple organizations across Asia, including a prominent government agency in Southeast Asia, proving their ability to evade detection and extract sensitive information.

Emerging Security Issue: SonicWall SSLVPN (CVE-2024-40766)

CVE-2024-40766 is a critical (CVSS v3 score: 9.3) access control flaw. Its primary danger comes from the potential for providing unauthorized network access, both allowing attackers unfettered access to critical resources and, in some cases, giving attackers the ability to crash the firewall.

Zero Trust + AI: fewer alerts, guaranteed security

Excessive cybersecurity alerts are not a trivial matter; they pose a real challenge that directly impacts business security strategies. Too many notifications generate stress on IT teams, which are increasingly being reduced in size while facing a heavier burden of tasks. This situation can lead to urgent alerts being overlooked, putting system security at risk.

Enhancing CISO-Board communication: Three key questions for the CISO to answer

A challenging dynamic exists between the CISO and the Board of Directors. While both stakeholders focus on risk management, their approaches to risk and the language they use are notably different. Though regulations like the NIS2 directive and SEC cybersecurity disclosure rules have given CISOs a bigger seat at the table, the legal requirements and operational prioritization to meet them have exposed a difference in perspective and understanding between the two roles.