Threats & Breaches
Closing the Gaps: How Attack Path Management Improves Vulnerability Management Programs
Luke Luckett | attack-path-management, Cybersecurity, risk management, security-operation-center, Vulnerability Management
In conversation: Pete McKernan & Luke Luckett. As organizations seek to wrap their arms around potential cybersecurity exposures, CIOs and CISOs are increasingly pushing their vulnerability management teams to widen scope. With such a ...
The Challenges of Detecting and Mitigating Insider Threats
In our previous post, we discussed the results of the 2024 Insider Threat Report, a survey conducted by Cybersecurity Insiders. Building upon that, we’ve received a surge of interest in this tricky ...
Microsoft Entra ID Password Protection in Hybrid Environments
Can Entra ID continually defend against exposed passwords in new data breaches as businesses operate across a hybrid environment? ...
Top 5 CVEs & Vulnerabilities of September 2024
As September comes to a close, we’ve seen some fresh vulnerabilities emerge that demand immediate attention. From critical flaws in widely used software to newly discovered loopholes that could impact...
CISA and FBI Issue Alert on XSS Vulnerabilities
Rohan Timalsina | cisa, CISA Alert, Cross-Site Scripting (XSS), Cross-Site Scripting (XSS) Attacks, Cyber threat landscape, Cybersecurity Best Practices, cybersecurity defense strategies, Cybersecurity Weaknesses, enterprise security, FBI, FBI alert, Linux & Open Source News, secure by design, Secure by Design Alert, Software Security, Vulnerability Management, XSS Vulnerabilities
Cross-site scripting (XSS) vulnerabilities continue to be a major concern in today’s software landscape, despite being preventable. CISA and FBI have issued a Secure by Design alert to reduce the prevalence of ...
Storm-0501 Gang Targets US Hybrid Clouds with Ransomware
The financially motivated Storm-0501 threat group is attacking hybrid cloud environments in the United States by compromising on-prem systems first and moving laterally into the cloud, stealing data and credentials and dropping ...
Security Boulevard
Kia’s Huge Security Hole: FIXED (Finally)
Richi Jennings | Car Dealer, connected car security, Connected Cars, connected vehicle, Connected Vehicles, connected-car, Consumer IoT, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, Kia, Korea, SB Blogwatch, South Korea, southkorea
Connected cars considered crud: Kia promises bug never exploited. But even 10-year-old cars were vulnerable ...
Are You Sabotaging Your Cybersecurity Posture?
By investing in robust ITDR solutions and avoiding the common pitfalls of underfunding, over-relying on single solutions and chasing trends, organizations have the power to stop potentially devastating data breaches in their ...
Forget About Hurricanes, Enterprises Must Prepare for Typhoons
It’s hurricane season, and everyone knows what to expect and do. Install storm shutters, have extra food and supplies, backup generators, have flood insurance, and keep paying attention to upcoming forecasts. All ...
Innovation or Security? Solving the CIO’s Dilemma
The life of a CIO is not dissimilar to that of a trapeze artist. The reason we’re able to soar so high is because of the safety net beneath. Remove that, and ...