Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System) that can allow arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities; however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.

From Tetris to Minecraft: The Evolution of Security Awareness into Human Risk Management

Once upon a time, security awareness training resembled a never-ending game of Tetris. Threats cascaded down, demanding swift action and strategy, only to speed up until we inevitably faltered. Today, we've entered a new realm of engagement, creativity, and community in human risk management.

Advancing cybersecurity: Cloudflare implements a new bug bounty VIP program as part of CISA Pledge commitment

As our digital world becomes increasingly complex, the importance of cybersecurity grows ever more critical. As a result, Cloudflare is proud to promote our commitment to the Cybersecurity and Infrastructure Security Agency (CISA) ‘Secure by Design’ pledge. The commitment is built around seven security goals, aimed at enhancing the safety of our products and delivering the most secure solutions to our customers.

Common Facebook Messenger Scams and How To Avoid Them

Some common scams on Facebook Messenger include requests for authentication codes, fake charity pages asking for donations, messages offering investment advice or even fake giveaways. Facebook Messenger is a messaging service that allows you to share photos, videos and messages with your friends on Facebook. Continue reading to learn what Facebook Messenger scams are, some common scams you may encounter while using Facebook and how you can prevent becoming a victim of these scams.

Cloudflare Abuse: How the SloppyLemming APT is Targeting Sensitive Organizations

In today’s cyber landscape, threat actors are becoming increasingly sophisticated, often leveraging free tools and cloud services to launch targeted attacks. One such group, known as SloppyLemming, is making waves by using platforms like Cloudflare Workers to engage in espionage against government and law enforcement agencies in the Indian subcontinent. This blog delves into their methods, targets, and how organizations can bolster their defenses against such threats.

SaaS Security Posture Management/SSPM: A Must-Have for Securing Your SaaS Applications

As more companies adopt Software-as-a-Service (SaaS) apps, keeping these cloud-based systems secure has become crucial. While SaaS offers convenience, scalability, and flexibility, it also introduces significant security risks. Organizations must actively monitor and control the security of their SaaS environments. SaaS Security Posture Management / SSPM is becoming an essential tool for this task.

Business impersonation: is your KYB strategy up to the challenge?

A webinar recap with Bolt and About Fraud. Jeff Sakasegawa is Persona's trust & safety architect. Prior to Persona, Jeff worked in fraud and compliance operations at Square, Facebook, and Google.

The Three Different Types of Hackers

There are three general categories that hackers fall into: white hat hackers, black hat hackers and gray hat hackers. Each type of hacker has different motivations behind their hacking activities. Learn more about the different types of hackers and how to prevent malicious hackers from compromising your online accounts.

When Is ISO 27001 Considered Mandatory? 5 Examples

ISO 27001 is the international standard for information security and protection. It’s roughly equivalent to similar infosec frameworks in the United States, like FedRAMP and CMMC, but the international development, maintenance, and scope of the ISO framework make it much more commonly seen outside of US Government contracting. In the US, it’s clear that a security framework mandated by the government is required when working as a contractor for the government. What about ISO 27001?