Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

When Is ISO 27001 Considered Mandatory? 5 Examples

ISO 27001 is the international standard for information security and protection. It’s roughly equivalent to similar infosec frameworks in the United States, like FedRAMP and CMMC, but the international development, maintenance, and scope of the ISO framework makes it much more commonly seen outside of US Government contracting. In the US, it’s clear that a security framework mandated by the government is required when working as a contractor for the government. What about ISO 27001?

What is NIST 800-53?

Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and it’s most recent revision provide the overview roadmap for your compliance journey.

The Three Different Types of Hackers

There are three general categories that hackers fall into: white hat hackers, black hat hackers and gray hat hackers. Each type of hacker has different motivations behind their hacking activities. Learn more about the different types of hackers and how to prevent malicious hackers from compromising your online accounts.

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System), which can allow for arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities, however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.

Monitor Slack audit logs with Datadog Cloud SIEM

Millions of enterprise users rely on Slack every day as their primary tool for instant communications and information sharing. Because of its central role in operations, Slack inevitably handles sensitive data and critical business information—which also makes it a high-value target for attackers. For this reason, it’s critically important for security teams to detect and respond to security threats against Slack.

Common Facebook Messenger Scams and How To Avoid Them

Some common scams on Facebook Messenger include requests for authentication codes, fake charity pages asking for donations, messages offering investment advice or even fake giveaways. Facebook Messenger is a messaging service that allows you to share photos, videos and messages with your friends on Facebook. Continue reading to learn what Facebook Messenger scams are, some common scams you may encounter while using Facebook and how you can prevent becoming a victim of these scams.

The IT Hour | macOS Keychain Protection & Fall Releases 09.27.24

Tom Bridge is back to tell us about macOS Keychain Protection & Fall Releases. Join us at 11:30 am ET The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever changing #ITlandscape, having community and professional networking opportunities is very valuable.

Vodafone Idea has achieved PCI DSS 4.0 Certification.

Telecom Service Provider Vodafone Idea Limited (VIL), announced that it had become the first telco in India to achieve the Payment Card Industry-Data Security Standard version 4.0 (PCI DSS 4.0) certification for its retail stores and payment channels. The PCI DSS 4.0 certification is already mandated by RBI Guidelines for banking and financial institutions in India.