%term

XDR vs SIEM: Cost-Efficient Cyber Security for Today's Decision Makers

Nov 10, 2023 By Stripe OLT In Stripe OLT

CISOs and IT leaders are tasked with the critical responsibility of safeguarding their organisations against an ever-increasing array of threats, all while striving to optimise costs and drive business growth. CISOs are grappling with the demand to achieve more with limited resources this year—a challenge that many have not encountered before.

Read Post

Stripe OLT

Read more about XDR vs SIEM: Cost-Efficient Cyber Security for Today's Decision Makers

How to Defeat MITRE ATT&CK Reconnaissance Techniques

Nov 10, 2023 By Laura In SenseOn

MITRE ATT&CK Reconnaissance (TA0043) techniques section maps out how threat actors gather information about potential targets. Like other ATT&CK tactics (like initial access and lateral movement), reconnaissance provides useful threat intelligence on adversary tactics, techniques, and procedures (TTPs). It is a realistic approximation of what will happen if you become a target.

Read Post

SenseOn

Read more about How to Defeat MITRE ATT&CK Reconnaissance Techniques

CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

Nov 10, 2023 By Graham Cluley In Tripwire

CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos.

Read Post

Tripwire

Read more about CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

CyberArk Identity 23.11 Release

Nov 10, 2023 By Sonal Pokale In CyberArk

CyberArk MFA now supports authentication with phishing-resistant passkeys and qualifies for the highest NIST Authenticator Assurance Level (AAL3). Based on FIDO2 standards, passkeys replace passwords and provide faster, easier and more secure sign-ins to websites and apps across user devices. With this release, end users can authenticate using passkeys to access their applications and resources.

Read Post

CyberArk

Read more about CyberArk Identity 23.11 Release

Sumo Logic Breach Shows Leaked Credentials Still a Persistent Threat

Nov 10, 2023 By Mackenzie Jackson In GitGuardian

Sumo Logic reported a security breach on November 3, 2023, due to a compromised credential that allowed unauthorized AWS account access.

Read Post

GitGuardian

Read more about Sumo Logic Breach Shows Leaked Credentials Still a Persistent Threat

Lessons Learned From 50+ MOVEit Exploit (CVE-2023-34362) Investigations - Full Webinar

Nov 10, 2023 By Kroll In Kroll

In Q2 2023, Kroll reported a notable shift towards increased supply chain risk, largely driven by the CLOP ransomware gang’s exploitation of the MOVEit transfer vulnerability. The MOVEit exploitation rendered even organizations with mature cybersecurity controls helpless and vulnerable to financial and reputational damage. Only a handful were able to detect the exfiltration, and even fewer could handle the consequences once a trusted partner fell victim.

View Video

Kroll

Read more about Lessons Learned From 50+ MOVEit Exploit (CVE-2023-34362) Investigations - Full Webinar

Vanta Video How to: Using Trust Centers

Nov 10, 2023 By Vanta In Vanta

View Video

Vanta

Read more about Vanta Video How to: Using Trust Centers

Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)

Nov 10, 2023 By Wallarm In Wallarm

In early November, the cybersecurity community witnessed the exploitation of a zero-day vulnerability in Confluence Data Center and Server. This critical vulnerability was related to Improper Authorization and assigned CVE-2023-22518 identifier. In this blog, we delve into the details of these vulnerabilities, their implications, and the necessary mitigation steps to protect your digital assets.

Read Post

Wallarm

Read more about Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)

Supply Chain Resilience: Creating an Effective Risk Management Plan

Nov 10, 2023 By Leah Sadoian In UpGuard

Organizations focus on building resilience in their global supply chain through effective supply chain risk management strategies. The planning process involves identifying potential high-risk factors, analyzing their impact, and developing strategic measures for mitigating risk. In addition, organizations perform due diligence when creating incident response and recovery plans to ensure business continuity and avoid supply chain disruptions.

Read Post

UpGuard

Read more about Supply Chain Resilience: Creating an Effective Risk Management Plan

ChatGPT Allegedly Targeted by Anonymous Sudan DDoS Attack

Nov 10, 2023 By Steven In IDStrong

OpenAI has suffered a successful DDoS attack following the first-ever DevDay—where OpenAI announced ChatGPT-4 Turbo and the GPT Store. OpenAI’s ChatGPT launch was nearly a year ago and has since become the mainstream solution for AI tasks. The software hosts a hearty 180.5 million users, many of whom use the software for professional tasks. The DDoS attack is alarming, not because it happened, but because of who claims the event—Russian-backed Anonymous Sudan.

Read Post

IDStrong

Read more about ChatGPT Allegedly Targeted by Anonymous Sudan DDoS Attack

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

XDR vs SIEM: Cost-Efficient Cyber Security for Today's Decision Makers

How to Defeat MITRE ATT&CK Reconnaissance Techniques

CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

CyberArk Identity 23.11 Release

Sumo Logic Breach Shows Leaked Credentials Still a Persistent Threat

Lessons Learned From 50+ MOVEit Exploit (CVE-2023-34362) Investigations - Full Webinar

Vanta Video How to: Using Trust Centers

Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)

Supply Chain Resilience: Creating an Effective Risk Management Plan

ChatGPT Allegedly Targeted by Anonymous Sudan DDoS Attack

Monthly Archive

Follow Us