The Evolution of Cybersecurity Liability for the C-Suite
Nik Hewitt | advice, analysis, Best Practices, Cybersecurity, lateral movement, microsegmentation, network segmentation, next gen security, Security Research, zero trust
The rapid evolution of cybersecurity liability for security chiefs, management, and information security professionals
Cybersecurity liability is changing rapidly and has become a boardroom (and personal) matter in 2024, with increasing threats that pose significant challenges to organizations globally. In this environment, the role of Chief Information Security Officers (CISOs) ...
The Persistent Threat of Path Traversal Vulnerabilities in Software Development
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, lateral movement, microsegmentation, next gen security, security, Security Research, vulnerability, zero trust
Path traversal vulnerabilities, or directory traversal, are now subject to a government advisory for obligatory consideration
We live in an environment where digital infrastructure is increasingly fundamental to business operations across all business sectors, and the security of software products is a paramount concern. The FBI and CISA (Cybersecurity and ...
Should We Pay the Ransomware Ransom?
Nik Hewitt | advice, Best Practices, Cybersecurity, next gen security, Ransomware, Security Research
To pay or not to pay the ransomware ransom: Should we pay to unlock our data, or is there an alternative?
The decision as to whether or not we should pay ransomware demands isn’t an easy one, and ransomware attacks present organizations with one of the most challenging dilemmas and ...
CVE-2024-27322 Vulnerability Found in R Programming Language
Nik Hewitt | advice, Best Practices, Cybersecurity, next gen security, security, Uncategorized, vulnerability
A critical vulnerability (CVE-2024-27322) in R programming language exposes systems to arbitrary code execution
OFFICIAL CVE-2024-27322 PATCHING INFORMATION
A recent discovery has unearthed CVE-2024-27322, a significant vulnerability within the R programming language, widely used by statisticians, data miners, and increasingly in AI/ML applications. This vulnerability, CVE-2024-27322, with a ...
Preparing for Holiday Cyberattacks
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, next gen security, Phishing, security, Security Research, vulnerability, zero-day
How can security teams be ready for holiday cyberattacks and a seasonal peak in cybercrime?
Holiday cyberattacks are on the rise. The vacation season, be it Christmas, Hanukkah, Easter, St. Patrick’s Day, the summer break, or Diwali, is ideally synonymous with rest and relaxation. The odd barbecue, visiting relatives, or ...
CVE-2024-2389 in Progress Flowmon Requires Immediate Patching
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, next gen security, security, Security Research, vulnerability
Navigating the severity of the CVE-2024-2389 vulnerability in Progress Flowmon, and the ramifications (and fix) for enterprise
OFFICIAL CVE-2024-2389 PATCHING INFORMATION
A significant security vulnerability (CVE-2024-2389) has surfaced in Progress Flowmon, a tool revered for its robust performance tracking, diagnostics, and network detection and response capabilities. Used by ...
The Advantages of Cybersecurity Process Automation
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, lateral movement, microsegmentation, network segmentation, next gen security, security, Security Research, service account protection, zero trust
Cybersecurity process automation should be a critical part of any SOC security strategy
As cyber threats become more sophisticated and pervasive, cybersecurity process automation becomes increasingly valuable, as busy cybersecurity teams face immense challenges in protecting sensitive data and maintaining secure environments. Process automation can enhance the efficiency and efficacy ...
Layered Security Elements for Defense in Depth
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, lateral movement, next gen security, security, Security Research
Using layered security elements for the best possible defense-in-depth cybersecurity approach
Layered security elements, also known as defense-in-depth (DiD), is a cybersecurity approach that uses multiple layers of defense to protect a computing system’s resources. The idea is to provide a redundant set of protective measures to address potential security ...
WordPress Form Plugin Vulnerability CVE-2024-28890 Affecting 500k+ Sites
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, lateral movement, microsegmentation, next gen security, Security Research, vulnerability, zero trust, zero-day
Urgent patching alert (CVE-2024-28890) lists critical vulnerabilities in Forminator plugin that affect over 500,000 WordPress sites
OFFICIAL CVE-2024-28890 PATCHING INFORMATION
WordPress is one of the most popular content management systems (CMS) in the world, powering millions of websites. Its flexibility, enhanced by thousands of plugins, allows users to ...
JSOutProx Malware Variant Targeting Financial Orgs., Warns Visa
Nik Hewitt | advice, application protection, Best Practices, Cybersecurity, lateral movement, Malware, microsegmentation, next gen security, security, Security Research, vulnerability
Visa issues alert on the rising threat from JSOutProx malware targeting financial institutions
Visa has recently issued a critical security alert concerning a significant uptick in the activity of the particularly hazardous JSOutProx malware. This remote access trojan (RAT) is known for its sophisticated attack capabilities on financial institutions and ...