We recently published the results of our 2024 MSSP Survey, an exploration of the current state of the managed security services industry, told from the perspective of those on the front lines. The survey unearthed many fascinating insights on topics…
Tag: EN
The New Era of SOCs: Simplifying Cybersecurity for SMBs
A new wave of all-in-one SOC platforms is consolidating the market, bringing enterprise-grade security solutions within reach of SMBs. The post The New Era of SOCs: Simplifying Cybersecurity for SMBs appeared first on Security Boulevard. This article has been indexed…
Google Chrome browser users given 72 hour deadline to adopt Cybersecurity patches
To the estimated 3 billion active users of the Google Chrome browser worldwide, the United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security update. Users are now under a strict deadline of 72 hours to update…
Securing Data from Espionage: The Role of Confidential Computing
In an era where data breaches and cyber espionage are increasingly prevalent, protecting sensitive information has never been more crucial. Confidential computing emerges as a groundbreaking technology that enhances data security and privacy, offering a robust shield against unauthorized access…
Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks
Song Wu, a Chinese national, has been indicted on charges of wire fraud and aggravated identity theft. The charges stem from his alleged involvement in a sophisticated spear-phishing campaign targeting sensitive U.S. research and technology. This case highlights ongoing concerns…
Unlocking Secure Communications 101: The Fundamentals
Ensuring the protection of data and communications is of utmost importance for organisations adapting to the intricacies of the digital era. Are you knowledgeable about secure communications? Whether you’re new… The post Unlocking Secure Communications 101: The Fundamentals appeared first…
China claims Starlink signals can reveal stealth aircraft – and what that really means
If this really was that useful, they wouldn’t be telling us According to a Chinese state-sanctioned study, signals from SpaceX Starlink broadband internet satellites could be used to track US stealth fighters, such as the F-22.… This article has been…
Gateways to havoc: Overprivileged dormant service accounts
Service accounts are non-human identities used to automate machine-to-machine interactions. They support critical functions – such as running scripts, services, and applications like websites, APIs, and databases – and facilitate integrations, operating as a proxy to humans and supporting business…
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in remote code execution. The vulnerability, tracked as CVE-2024-28991, is rated 9.0 out of a maximum of…
The Day the IT World Stood Still
Lessons from CrowdStrike on Safeguarding Your Data with Compliance, Continuity and Disaster Recovery Strategies Where were you when the CrowdStrike outage hit? Many of us were stuck in our tracks when the recent global IT outage, triggered by a faulty…
How to Prepare Your Organization for the Future with Continuous Security Testing
You wouldn’t brush your teeth once a year — it just wouldn’t be frequent enough to maintain proper care and hygiene of a body part you use every day. Similarly, it’s just not sufficient to perform a security test once…
The Human Element in Non-Human Identity Security: Bridging the Gap in Modern Cybersecurity
In today’s cybersecurity landscape, Non-Human identities (NHIs) are exploding in number. For every human user, there may be hundreds or even thousands of NHIs running in the background. Traditional access management tools were designed primarily for human users, and they…
Beyond human IAM: The rising tide of machine identities
Remember when managing user accounts was your biggest headache? Those were simpler times. Today, we’re drowning in a sea of machine identities, and it’s time to learn how to swim – or risk going under. In the ever-expanding universe of…
The growing danger of visual hacking and how to protect against it
In this Help Net Security interview, Robert Ramsey, CEO at Rain Technology, discusses the growing threat of visual hacking, how it bypasses traditional cybersecurity measures, and the importance of physical barriers like switchable privacy screens. Could you explain visual hacking…
Securing SAP Systems: Essential Strategies to Protect Against Hackers
Due to its wide acceptance, SAP has become a favorite target for hackers. With the ubiquity of SAP Enterprise Resource Planning (ERP) systems, their extensive data banks, and the ever-expanding digital interfaces of the business world, hackers have become experts…
The cybersecurity workforce of the future requires diverse hiring practices
The global cybersecurity workforce gap reached a new high with an estimated 4.8 million professionals needed to effectively secure organizations, a 19% year-on-year increase, according to ISC2. Despite the growing need for professionals, global workforce growth has slowed for the…
ISC Stormcast For Tuesday, September 17th, 2024 https://isc.sans.edu/podcastdetail/9140, (Tue, Sep 17th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, September 17th, 2024…
Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day
The C in these CVEs stands for Confusing Analysis Microsoft, in a low-key update to its September Patch Tuesday disclosures, has confirmed a just-fixed Internet Explorer vulnerability was exploited as a zero-day before it could be patched.… This article has…
Chinese national accused by Feds of spear-phishing for NASA, military source code
May have reeled in blueprints related to weapons development A Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army and NASA, plus other highly sensitive software used in…
Instituto Nacional de Deportes de Chile – 319,613 breached accounts
In September 2024, the Instituto Nacional de Deportes de Chile (Chile’s National Sports Institute) suffered a data breach. The incident exposed 1.7M rows of data with 320k unique email addresses alongside names, dates of birth, genders and bcrypt password hashes.…