OPSWAT this week revealed it has acquired Fend, Inc. to further extend the reach of its cybersecurity portfolio into the realm of operational technology (OT). The post OPSWAT Acquires Fend to Extend Cybersecurity Reach Into OT Platforms appeared first on…
Tag: Security Boulevard
Insider Threat Indicators
Nisos Insider Threat Indicators Security threats can come from trusted individuals within your organization or partners, contractors, and service providers with authorized access to sensitive systems and data… The post Insider Threat Indicators appeared first on Nisos by Nisos The…
Human Risk Management: The “Weakest Link” Emerges as Key to Cybersecurity
With technology front and center in virtually all business processes, it may seem counterintuitive to suggest that today’s greatest cybersecurity risks don’t stem from technology, but from people. It’s widely recognized that people pose the greatest risk to data and security.…
How Data Classification Reduces Insider Threats
Companies can significantly reduce insider threat risks with a suitable data classification strategy that adequately manages and protects sensitive information. The post How Data Classification Reduces Insider Threats appeared first on Security Boulevard. This article has been indexed from Security…
Zero-Trust in Web3: Redefining Security for Decentralized Systems
By adopting zero-trust principles, we can build systems that are not only decentralized but also secure, resilient and future-proof. The post Zero-Trust in Web3: Redefining Security for Decentralized Systems appeared first on Security Boulevard. This article has been indexed from…
CISO Challenges for 2025: Overcoming Cybersecurity Complexities
As organizations recognize the immense value and criticality of your data and systems, cybersecurity has become intrinsically linked to business strategy. Chief Information Security Officers (CISOs) are increasingly expected to play a central role in shaping business decisions, assessing and…
DEF CON 32 – Exploiting Cloud Provider Vulnerabilities for Initial Access
Author/Presenter: Nick Frichette Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The…
Protecting Your Heart and Wallet: A Guide to Safe Charitable Giving
The holiday season brings out the best in people, with many feeling inspired to support worthy causes. Unfortunately, it also attracts scammers who prey on this generosity. Here’s how to ensure your donations reach legitimate charities while protecting your personal…
Kubernetes Secrets: How to Create and Use Them
Kubernetes, also known as K8s, is a powerful platform for orchestrating containers in complex, distributed environments. Among its many features, Kubernetes has Secrets, which safeguard sensitive information like API keys, passwords, and tokens in a cluster. By separating confidential data…
Detection as Code: Key Components, Tools, and More
As software development accelerates, the need to identify threats and respond in real time is greater than ever. Detection as Code (DaC) allows you to write, maintain, and automate your threat detection logic as if it were software code, making…
What Is Privilege Escalation? Types, Examples, and Prevention
Privilege escalation is a critical cybersecurity threat in which a user—usually a malicious actor—gains access to data beyond what their account permissions allow. Attackers can gain this access through human error, stolen credentials, or social engineering. The post What Is…
CVE-2024-50379: A Critical Race Condition in Apache Tomcat
An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure. The post CVE-2024-50379: A Critical Race Condition in Apache Tomcat appeared first on Security Boulevard. This article has been…
Data Security in 2025: Five Steps to Strategic Success in 2025
As 2024 comes to a close, IT security and business leaders will be braced for another challenging year ahead. In the long-term, economic uncertainty and geopolitical instability seem set to continue, creating the conditions in which threat actors thrive. They…
Machine Identity Was the Focus at Gartner’s IAM Summit
Last week’s Gartner IAM Summit in Grapevine, Texas, was a whirlwind of insights, particularly around machine identity management (MIM). The event underscored the transformative trends and challenges shaping the domain, providing both thought leadership and actionable strategies for businesses navigating…
The year in ransomware: Security lessons to help you stay one step ahead
Operation Cronos, a Europol-led coalition of law enforcement agencies from 10 countries, announced in February that it had disrupted LockBit — one of the most prolific ransomware gangs in the world — at “every level” of its operations. Being responsible…
Anatomy of a 6-day Credential Stuffing Attack From 2.2M Residential IPs
In this article, we cover the details of a heavily distributed credential-stuffing attack that targeted a major US financial service company (spoiler: there were some pretty clear signs of device spoofing, as you’ll see below). By the end of the…
SASE Market Hits $2.4 Billion, Top Vendors Tighten Market Share Grip
The global Secure Access Service Edge (SASE) market reached $2.4 billion in the third quarter of 2024, with six leading vendors — Zscaler, Cisco, Palo Alto Networks, Broadcom, Fortinet and Netskope — capturing a combined 72% market share. The post…
CISA Mandates Federal Agencies Secure Their Cloud Environments
CISA is requiring all federal agencies to adopt stronger measures to improve their SaaS configurations and protect their complex cloud environments against growing threats from hackers, who are increasingly targeting third parties like cloud providers. The post CISA Mandates Federal…
Turning Insights into Action: The Importance of Vulnerability Remediation after VAPT
Vulnerability Assessment and Penetration Testing (VAPT) has become an essential practice for organizations aiming to secure their digital assets. However, identifying vulnerabilities is only half the battle; the real challenge lies in addressing them effectively. This is where vulnerability remediation…
The Best Mimecast DMARC Analyzer Alternatives and Competitors
Check out the list of top 10 Mimecast Dmarc analyzer alternatives. Find the best solution for your email security by considering their pros & cons & pricing. The post The Best Mimecast DMARC Analyzer Alternatives and Competitors appeared first on…