Apple wants its three-year-old lawsuit against spyware maker NSO to be dismissed, citing the surveillance software maker’s declining dominance of the expanding market and fears that its own threat intelligence could be exposed, which would harm its efforts to protect…
Tag: Security Boulevard
DORA Compliance Checklist: From Preparation to Implementation
Learn how to navigate the DORA compliance checklist and meet DORA cybersecurity regulation requirements with our step-by-step guide. The post DORA Compliance Checklist: From Preparation to Implementation appeared first on Scytale. The post DORA Compliance Checklist: From Preparation to Implementation…
Why Are So Many Public Sector Organizations Getting Attacked?
Public sector organizations such as schools, hospitals, manufacturing units, essential services and government offices have become a popular target for cybercriminals. The post Why Are So Many Public Sector Organizations Getting Attacked? appeared first on Security Boulevard. This article has…
Unlock FCC Pilot Program Funding with Cloud Monitor and Content Filter
Maximize Your District’s Application Success: How ManagedMethods Qualifies for the Identity Protection and Authentication Category We recently hosted a live webinar that discusses what you need to know about the FCC School and Libraries Cybersecurity Pilot Program. This webinar outlines…
SOC 2 Compliance Provides AppViewX Customers Security and Data Protection Assurance
At AppViewX, our top priority is safeguarding the digital identities that are the backbone of modern enterprises. With hundreds of customers and millions of certificates under management, AppViewX bears a significant responsibility to protect its customers’ critical data and infrastructure.…
The Rise of AI Voicemail Scams, Political Donation Privacy Concerns
In episode 346, we discuss new AI-driven voicemail scams that sound convincingly real and how to identify them. We also explore recent research on the privacy concerns surrounding donations to political parties through their websites. Additionally, we celebrate the 15th…
USENIX Security ’23 – Multiview: Finding Blind Spots in Access-Deny Issues Diagnosis
Authors/Presenters:Bingyu Shen, Tianyi Shan, Yuanyuan Zhou Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the…
USENIX Security ’23 – On the Feasibility of Malware Unpacking via Hardware-assisted Loop Profiling
Authors/Presenters:Binlin Cheng, Erika A Leal, Haotian Zhang, Jiang Mingy Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott;…
SquareX: The Future of BYOD Security for Enterprises
Convert the Browsers on BYOD / Unmanaged Devices into Secure Browsing Sessions As modern enterprises continue to adapt to the flexible work culture, Bring Your Own Device (BYOD) policies have become a standard practice. However, protecting sensitive corporate data while maintaining…
CVE-2024-28986 – SolarWinds Web Help Desk Security Vulnerability – August 2024
A critical vulnerability (CVE-2024-28986) in SolarWinds Web Help Desk puts systems at risk of exploitation, requiring immediate attention. Affected Platform The security vulnerability CVE-2024-28986 primarily affects the SolarWinds Web Help Desk software. Organizations utilizing this platform must act swiftly to…
New Office of the CISO Paper: Organizing Security for Digital Transformation
So some of you are thinking “ewwww … another security transformation paper” and this is understandable. A lot of people (and now … a lot of robots too) have written vague, hand-wavy “leadership” papers on how to transform security, include security into…
Fundamentals of GraphQL-specific attacks
GraphQL vs REST APIs Developers are constantly exploring new technologies that can improve the performance, flexibility, and usability of applications. GraphQL is one such technology that has gained significant attention for its ability to fetch data efficiently. Unlike the traditional REST…
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability
Introduction Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management of devices within an organization. On September 12th, 2024, ZDI and Ivanti released an advisory describing a deserialization vulnerability resulting in remote code execution…
USENIX Security ’23 – Security Analysis of MongoDB Queryable Encryption
Authors/Presenters:Zichen Gui, Kenneth G. Paterson, Tianxin Tang Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via…
Randall Munroe’s XKCD ‘Monocaster’
<a class=” sqs-block-image-link ” href=”https://xkcd.com/2983/” rel=”noopener” target=”_blank”> <img alt=”” height=”673″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/d6d46307-0dbb-42b6-9d46-ab12d107684e/monocaster.png?format=1000w” width=”536″ /> </a><figcaption class=”image-caption-wrapper”> via the comic & dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Monocaster’ appeared first on Security Boulevard. This…
AI in Cybersecurity: Experts Discuss Opportunities, Misconceptions and the Path Forward
Artificial intelligence (AI) is no longer just a buzzword in the cybersecurity industry—it’s an essential tool for staying ahead of threats. But how are leading organizations leveraging AI in cybersecurity effectively, and what challenges do they face? During a recent…
Top 5 Vulnerability Management Mistakes Companies Make (Plus a Bonus Mistake to Avoid)
Are you confident your vulnerability management is doing its job, or do you sometimes feel like it’s falling short? Many companies invest time and resources into managing vulnerabilities, yet still… The post Top 5 Vulnerability Management Mistakes Companies Make (Plus…
Realm.Security Emerges to Tackle Cybersecurity Data Management
Realm.Security has launched a platform for collecting and normalizing cybersecurity telemetry data that promises to streamline analytics. The post Realm.Security Emerges to Tackle Cybersecurity Data Management appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read…
Live Patching as a Growth Enabler for Your Infrastructure
Yesterday, as I was preparing this article, I had the opportunity to present at a TuxCare webinar, where we introduced live patching. Throughout the presentation, we discussed various characteristics of this patching methodology. While reflecting on these aspects, I realized…
Cybersecurity Compliance and Beyond: How Protocols Drive Innovation and Growth
In today’s digital age, cybersecurity compliance is no longer just a legal necessity or a defensive measure; it has become a catalyst for innovation and growth. The post Cybersecurity Compliance and Beyond: How Protocols Drive Innovation and Growth appeared first…