Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

5 Zero Trust Remote Access Solutions Your IT Team Needs to Know

In the past, organizations could control how, when, and where their employees accessed sensitive data. Now, in the age of hybrid and remote work, employees can connect to company networks from any location over nearly any device. Safeguarding data while granting employees the access they need is a delicate balance. That’s where zero trust remote access solutions come into play.

CISA KEV performance in the Financial Sector

As a security data nerd I am absolutely spoiled here at Bitsight. So much so that I have to stop myself from doing little projects and requests so I can dive into the “big” stuff1. So it is always refreshing when folks see a piece of research and decide “hey can you give me more information on my little corner of the world.” Then of course and can throw off those notions of “stopping” and just dive back in.

Securing Digital Health: Cybersecurity Challenges in Rapid Healthcare Transformation #shorts

The healthcare industry, traditionally slow in digital transformation due to stringent regulations, is now experiencing rapid change. As digitization accelerates, vast amounts of personal and professional data are being stored across healthcare systems—making them prime targets for cybercriminals. This sector’s rich data environment, coupled with evolving cybersecurity practices, creates a unique challenge. Unlike the well-established security measures in banking and financial services, healthcare's cyber defenses are still maturing.

Introducing Netacea Threat Intel Feeds

This webinar introduces Netacea Threat Intel Feeds—a tool to harden your defenses against automated attacks using real-world threat data. Join James Middleton, Andy Still, and Cyril Noel-Tagoe as they explore how Netacea processes trillions of requests daily, enabling Threat Intel Feeds to identify and stop attack traffic in real-time, so you can squeeze more value out of your existing edge defenses.

Cato CTRL Threat Research: CVE-2023-49559 - gqlparser Directive Overload DoS Vulnerability

The Cato CTRL and Cato Application Security Research teams recently discovered CVE-2023-49559, a directive overload Denial of Service (DoS) vulnerability in the gqlparser library, which is a crucial component in the development and running of GraphQL applications. The vulnerability is of medium severity (CVSS score of 5.3). The gqlparser library is an integrated component of the gqlgen Golang GraphQL server, widely used in web applications to handle GraphQL queries.

What does it take to become a Top Builder in Tines?

We’ve just introduced the Tines Top Builder score, a measure of user activity that shows just how much hands-on experience you’ve had in Tines in a given year. Why track our Top Builders? We realized we were seeing a high level of achievement from our users – to the extent that it warranted some recognition. We set out to identify exactly who our Top Builders were, with the intent to celebrate their achievement at the end of each year.

Transforming security operations with Workbench

Enterprise data consolidation and access have long posed significant challenges in the Security Operations Center (SOC). They often hinder security teams from effectively investigating and taking action on the vast amounts of data they are tasked with protecting. Traditional security tools frequently operate in isolation, lacking the compatibility to create a cohesive data strategy.

Revamp Your Remediation & Response: Introducing Investigations by Coralogix

In the fast-paced world of cybersecurity and system observability, timely and accurate incident investigations are crucial. Whether you’re a SOC admin hunting down vulnerabilities, a developer resolving critical system outages, or a team member tracking Real User Monitoring (RUM) errors, the ability to piece together evidence, understand the timeline, and collaborate effectively is the difference between days and weeks of investigation.

CVE-2024-38812: Critical RCE Vulnerability Fixed in VMware vCenter Server and Cloud Foundation

On September 17, 2024, Broadcom released fixes for a critical vulnerability impacting VMware vCenter Server and Cloud foundation, tracked as CVE-2024-38812. This vulnerability is a heap-overflow flaw in the implementation of the DCERPC protocol that a remote attacker can use to send specially crafted network packets to vCenter Server, potentially leading to Remote Code Execution (RCE).