Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

How CISOs Can Sharpen Their Board Pitch for IAM Buy-In

In a time when 94% of companies have experienced an identity-related breach, many CISOs feel the urgency to strengthen identity and access management (IAM) across their organizations. In fact, a recent survey of CISOs found that identity is the top focus area going into 2025. However, communicating IAM’s value to the board remains a challenge—it isn’t enough for these security leaders to craft effective IAM strategies—they must also secure their board’s support.

Ivanti Patches Multiple Critical-Severity Vulnerabilities in Cloud Services Application

On December 10, 2024, Ivanti released updates for three critical-severity vulnerabilities impacting their Cloud Services Application. By chaining the vulnerabilities together, a threat actor could obtain administrative privileges via authentication bypass (CVE-2024-11639), which could then allow for remote code execution (CVE-2024-11172) and/or SQL injection (CVE-2024-11173).

5 Key Data Protection Challenges and How to Overcome Them

Organizations understand their sensitive data is everywhere — and adversaries are after it. Data protection solutions have become an essential part of modern cybersecurity strategies. Organizations realize that in order to avoid a breach, they must have a plan to monitor and control data flow at the user level so they can better understand where data is going, who is accessing it and when malicious activity occurs. But when it comes to deployment and operationalization, things can get complicated.

Corelight delivers static file analysis with YARA integration

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA that offers a deeper level of inspection for files across enterprise networks while helping security teams consolidate their toolset in the process.

How to Run PowerShell on Remote Computers

PowerShell is a great scripting and automation tool — and it also enables administrators to execute commands and scripts on remote computers remotely, as if they were sitting in front of them. Indeed, early in the history of PowerShell, Microsoft added support for cmdlets to run on remote systems with the -ComputerName parameter.

Complete Checklist to User Access Reviews: Best Practices and Essential Steps

Imagine a former employee still being able to access your network or current employees wielding permissions far beyond their roles. Both scenarios sound risky, right? Excessive permissions aren’t just a minor oversight — they’re significant vulnerabilities that could lead to costly data breaches, regulatory penalties, and other problematic consequences.

Ultralytics AI Pwn Request Supply Chain Attack

The ultralytics supply chain attack occurred in two distinct phases between December 4-7, 2024. In the first phase, two malicious versions were published to PyPI: version 8.3.41 was released on December 4 at 20:51 UTC and remained available for approximately 12 hours until its removal on December 5 at 09:15 UTC. Version 8.3.42 was published shortly after on December 5 at 12:47 UTC and was available for about one hour before removal at 13:47 UTC.

Snyk's risk-based approach to prioritization

Vulnerability identification is a key part of application security (AppSec). This process entails tracking and reporting the number of vulnerabilities found and fixed to give stakeholders clear insight into the organization’s security posture. However, identifying and monitoring vulnerabilities using traditional methods can make risk evaluation more difficult.

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian's Public Monitoring Data

On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.