The Evolution of Cybersecurity Liability for the C-Suite

The rapid evolution of cybersecurity liability for security chiefs, management, and information security professionals

Cybersecurity liability is changing rapidly and has become a boardroom (and personal) matter in 2024, with increasing threats that pose significant challenges to organizations globally. In this environment, the role of Chief Information Security Officers (CISOs) ...

The Persistent Threat of Path Traversal Vulnerabilities in Software Development

Path traversal vulnerabilities, or directory traversal, are now subject to a government advisory for obligatory consideration

We live in an environment where digital infrastructure is increasingly fundamental to business operations across all business sectors, and the security of software products is a paramount concern. The FBI and CISA (Cybersecurity and ...

Should We Pay the Ransomware Ransom?

To pay or not to pay the ransomware ransom: Should we pay to unlock our data, or is there an alternative?

The decision as to whether or not we should pay ransomware demands isn’t an easy one, and ransomware attacks present organizations with one of the most challenging dilemmas and ...

CVE-2024-27322 Vulnerability Found in R Programming Language

A critical vulnerability (CVE-2024-27322) in R programming language exposes systems to arbitrary code execution

OFFICIAL CVE-2024-27322 PATCHING INFORMATION

A recent discovery has unearthed CVE-2024-27322, a significant vulnerability within the R programming language, widely used by statisticians, data miners, and increasingly in AI/ML applications. This vulnerability, CVE-2024-27322, with a ...

Preparing for Holiday Cyberattacks

How can security teams be ready for holiday cyberattacks and a seasonal peak in cybercrime?

Holiday cyberattacks are on the rise. The vacation season, be it Christmas, Hanukkah, Easter, St. Patrick’s Day, the summer break, or Diwali, is ideally synonymous with rest and relaxation. The odd barbecue, visiting relatives, or ...

CVE-2024-2389 in Progress Flowmon Requires Immediate Patching

Navigating the severity of the CVE-2024-2389 vulnerability in Progress Flowmon, and the ramifications (and fix) for enterprise

OFFICIAL CVE-2024-2389 PATCHING INFORMATION

A significant security vulnerability (CVE-2024-2389) has surfaced in Progress Flowmon, a tool revered for its robust performance tracking, diagnostics, and network detection and response capabilities. Used by ...

The Advantages of Cybersecurity Process Automation

Cybersecurity process automation should be a critical part of any SOC security strategy

As cyber threats become more sophisticated and pervasive, cybersecurity process automation becomes increasingly valuable, as busy cybersecurity teams face immense challenges in protecting sensitive data and maintaining secure environments. Process automation can enhance the efficiency and efficacy ...

Layered Security Elements for Defense in Depth

Using layered security elements for the best possible defense-in-depth cybersecurity approach

Layered security elements, also known as defense-in-depth (DiD), is a cybersecurity approach that uses multiple layers of defense to protect a computing system’s resources. The idea is to provide a redundant set of protective measures to address potential security ...

WordPress Form Plugin Vulnerability CVE-2024-28890 Affecting 500k+ Sites

Urgent patching alert (CVE-2024-28890) lists critical vulnerabilities in Forminator plugin that affect over 500,000 WordPress sites

OFFICIAL CVE-2024-28890 PATCHING INFORMATION

WordPress is one of the most popular content management systems (CMS) in the world, powering millions of websites. Its flexibility, enhanced by thousands of plugins, allows users to ...

JSOutProx Malware Variant Targeting Financial Orgs., Warns Visa

Visa issues alert on the rising threat from JSOutProx malware targeting financial institutions

Visa has recently issued a critical security alert concerning a significant uptick in the activity of the particularly hazardous JSOutProx malware. This remote access trojan (RAT) is known for its sophisticated attack capabilities on financial institutions and ...