Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Earlier today, Cloudflare, along with Google and Amazon AWS, disclosed the existence of a novel zero-day vulnerability dubbed the “HTTP/2 Rapid Reset” attack. This attack exploits a weakness in the HTTP/2 protocol to generate enormous, hyper-volumetric Distributed Denial of Service (DDoS) attacks.

According to the recent The Cyber-Resilient CEO report released by IT services and consulting agency Accenture, a staggering 74% of CEOs have expressed concerns about their organizations' ability to protect their businesses from cyber attacks. This is despite the fact that 96% of CEOs acknowledge the importance of cybersecurity for the growth and stability of their organizations.

Modern cloud applications are made up of thousands of distributed services and resources that support an equally large volume of concurrent requests. This level of scale makes it more challenging for engineers to identify system failures before they lead to costly outages. System failures are often difficult to predict in cloud environments, and security threats add another layer of complexity.

“Purpose-built does not scale.” That’s what IDC says in its latest research report “How Hyperautomation Is Used to Reduce Gaps and Inefficiencies in Network Cybersecurity.” What does that mean? It means that your monitoring point products, like legacy SOAR, just don’t cut it any longer. They can’t scale in today’s hybrid cloud and multi-cloud environments without piling on more tools, further fueling tech stack sprawl.

The AEC industry is heavily reliant on accurate and reliable information. Architects, engineers, builders, and owners all require instant access to data and documentation throughout the lifetime of a project, from inception to post-occupancy. In a project with numerous stakeholders, ensuring timely access to necessary information is crucial for all involved parties.

The nation’s capital—Washington, D.C., hosts over 700k+ individuals along the shared border of Maryland and Virginia; within Columbia, an estimated 86.9% of inhabitants can actively vote. The D.C. Board of Elections (DCBOE) is an autonomous group overseeing elections in the area. They manage the voter registration process and manage ballot access for the public. However, D.C. residents are under threat following a recent data breach.

All web traffic flowing out of your company network should be passing through a web proxy. These proxy logs are a great resource for threat hunting and security investigations, yet they often translate into extremely large volumes of data.

The factors that pose risks to companies are constantly changing. Clinging to a single defense strategy can be counterproductive, as this strategy can quickly become outdated and ineffective. As a managed service provider (MSP), you may have found that your customers are unwilling to consider new cybersecurity tools unless there is a problem, or they aren’t satisfied with their existing solution.

In the dynamic realm of governmental regulations, the Digital Operational Resilience Act (DORA) in the EU emerges as a game-changer. Slated for a detailed rollout by early 2024, the buzz surrounding DORA has resonated within the information and communication technology (ICT) and financial sectors for quite some time, and its distinction lies in its holistic and authoritative approach. DORA is heralded as the high-water mark for cybersecurity regulations tailored for the financial arena. Its mission?

The Open Web Application Security Project (OWASP) has published the latest edition of its API Security Top Ten, which was first published in 2019. The Top Ten is a significant daughter list of the OWASP Top Ten, which is one of the most definitive lists of the most severe web application risks. Why is this important? What are its main findings? And what does this mean for application security?