Best of 2024

VPNs, firewalls, zero-trust, Implementing Zero-Trust Model

Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door

Richard Stiennon | January 3, 2025 | Cybersecurity, firewalls, Security Awareness, VPN's, zero trust

Firewalls and VPN appliances are critical gateways. Like all on-prem systems, a vulnerability can lead to a compromise that is used to open the door for attackers. ...

Security Boulevard

Best of 2024: So-Phish-ticated Attacks

GuidePoint Security | January 3, 2025 | GRIT, GRIT Blog, Incident Response & Threat Intelligence, Ransomware

August 27, 2024 Authors: Rui Ataide, Hermes Bojaxhi The GuidePoint Research and Intelligence Team (GRIT) has been tracking a highly […] ...

The Guiding Point | GuidePoint Security

Best of 2024: National Public Data (NPD) Breach: Essential Guide to Protecting Your Identity

Rachel Hamasaki | January 2, 2025 | Blog, identity breach, National Public Data Breach, NPD breach

Following the publication of our in-depth analysis on the National Public Data (NPD) breach last week, Constella Intelligence received several inquiries about how to safeguard against identity attacks using the exposed SSNs. ...

Constella Intelligence

Best of 2024: Cisco Vulnerability: CISA Alerts Of Smart Install Exploits

Wajahat Raja | January 2, 2025 | CISA cybersecurity advisory, Cisco network device security, critical Cisco vulnerabilities 2024, Cybersecurity News, password-cracking attacks, Smart Software Manager On-Prem flaw

In light of recent cybercrime incidents, the United States (US) Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert pertaining to a Cisco vulnerability. As per recent reports, the Cisco vulnerability ...

TuxCare

Best of 2024: FIDO: Consumers are Adopting Passkeys for Authentication

Jeffrey Burt | December 31, 2024 | biometrics authentication, FIDO Alliance, Passkeys, passwordless-authentication

The FIDO Alliance found in a survey that as consumers become more familiar with passkeys, they are adopting the technology as a more secure alternative to passwords to authenticate their identities online ...

Security Boulevard

How TCP Resets Work: From Client to Server

Best of 2024: TCP Resets from Client and Server aka TCP-RST-FROM-Client

Ivan Novikov | December 31, 2024

Diving into the Enigma of TCP Resets Executed by Client and Server The Base Communication Protocol (BCP), understoond as the Transmission Control Protocol (TCP) equivalent, plays a key role in the protocol ...

Wallarm

Best of 2024: 30,000 Dealerships Down — ‘Ransomware’ Outage Outrage no. 2 at CDK Global

Richi Jennings | December 30, 2024 | Automotive, Automotive industry, Car Dealer, CDK Global, cloud outage, cloud Saas, Downtime and outages, outage, outages, Private Equity, Ransomware, SaaS, SaaS App Security, SB Blogwatch, Software-as-a-Service, Software-as-a-Service (SaaS)

Spend more on security! Car and truck dealers fall back on pen and paper as huge SaaS provider gets hacked (again) ...

Security Boulevard

Best of 2024: Microsoft Account Security Alert Email: Recognize the Scam

Ahona Rudra | December 30, 2024 | Blog, email security

Reading Time: 5 min Have you received a microsoft account security alert email? Learn how to identify legitimate alerts and avoid phishing scams targeting your Microsoft account ...

PowerDMARC

Best of 2024: AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again

Should’ve used MFA: $T loses yet more customer data—this time, from almost all of them ...

Security Boulevard

Best of 2024: CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability

Shubham Jha | December 27, 2024 | Top CVE Vulnerabilties, Vulnerabilities, vulnerability intelligence, Vulnerability Management

In a recent security advisory, Microsoft disclosed a high-severity vulnerability identified as CVE-2024-38063. This critical Remote Code Execution (RCE) flaw, rated with a CVSS score of 9.8, poses a significant... The post ...

Strobes Security

Best of 2024

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On