On July 17, 2024, Cisco publicly disclosed critical vulnerabilities in Cisco Secure Email Gateway (SEG) and Cisco Smart Software Manager On-Prem (SSM), identified as CVE-2024-20401 and CVE-2024-20419 respectively. Both of these vulnerabilities may allow for unauthenticated administrative actions to be taken by threat actors when exploited.

Learn more about GitGuardian SCA commitment and fast adaptation strategies to safeguard the software supply chain of its users.

In this blog post, Martin Moroney, Customer Success Engineering Manager at Tines shares lessons on migrating from a legacy SOAR platform, based on his experience in overseeing dozens of successful migrations. Enterprise system migrations are complex projects, with intimidating challenges that require meticulous planning and execution. This complexity is amplified in the context of systems that leverage many integrations to support complex workflows.

When it comes to the world of cybersecurity, vulnerabilities are everywhere, just waiting to be exploited. Vulnerability management is the systematic process of identifying, assessing, prioritizing, and mitigating security vulnerabilities in IT systems, applications, and networks. It aims to reduce the risk of exploitation by continuously monitoring for weaknesses and applying necessary security measures.

Healthcare data breaches are on the rise, with a total of 809 data violation cases across the industry in 2023, up from 343 in 2022. The cost of these breaches also soared to $10.93 million last year, an increase of over 53% over the past three years, IBM’s 2023 Cost of a Data Breach report reveals. But data breaches aren’t just expensive, they also harm patient privacy, damage organizational reputation, and erode patient trust in healthcare providers.

The modus operandi of cybercriminals is constantly changing. It comes as no surprise that, every so often, hackers switch up their methods to become more evasive. However, contrary to what we might imagine, these changes don’t always have to be innovative, or involve new attack strategies. Cybercriminals are increasingly opting to employ old-school techniques, and couple this with minimal investment.

An Economist article published in June 2024 claimed that China is actively targeting US SMEs for long-term sabotage and for financial gain through sustained IP theft. With China using previously undetected methods of ‘cyber warfare’, it’s increasingly important that US companies adopt Zero Trust protection for their most valuable IP data.

The explosive growth in connectivity and the geopolitical environment is putting critical infrastructure around the world at risk. Connecting legacy industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems that critical infrastructure runs on to IT environments, Internet of Things (IoT) devices, and out to the Internet makes it easier for cybercriminals and state-sponsored groups to gain access to systems and conduct malicious activities.