Verizon 2023 DBIR: Credential Leaks Continue To Be A Major Issue
Verizon's 2023 DBIR shows trends for incidents and breaches from the last year. Read our recap to see how credential leakage is helping malicious actors gain entry.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
What's New in the NIST CSF 2.0 Draft?
The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) is undergoing a major update. The NIST CSF is one of the most widely used frameworks to help organizations understand and manage their cybersecurity risks. The NIST CSF was released as version 1.0 in 2014, updated to version 1.1 in 2018, and will be updated to version 2.0 early next year. NIST recently released a draft of CSF version 2.0.
KeeperPam Overview
KeeperPAM was created to fully protect perimeterless and multi-cloud environments with just the features you need. Keeper's patented PAM solution enables organizations to achieve complete visibility, security, control and reporting across every privileged user on every device in your organization. The platform enables zero-trust and zero-knowledge security and compliance by unifying three integral products into one SaaS platform with limited IT staff required.
The Roadmap to Securing Your Digital Assets with Cybersecurity
“Technology trust is a good thing, but control is a better one.”
CVE 2023-2868: Barracuda Urges Customers to Replace Compromised Email Security Gateway (ESG) Appliances
On Tuesday, June 6, 2023, Barracuda announced that all ESG appliances compromised via CVE-2023-2868 must be immediately replaced, regardless of the current patch version. Barracuda ESG is an email security gateway that manages and filters inbound and outbound email traffic within an organization’s network. On May 18, 2023, Barracuda identified CVE-2023-2868 after being alerted to anomalous traffic originating from ESG appliances.
Get It Right First Time with a Comprehensive Approach to Application Security
In the rapidly evolving digital landscape, ensuring robust application security is paramount for organizations. With the emergence of AI-powered attacks and other sophisticated threats, it is crucial to integrate comprehensive Application Security Testing (AST) into the Software Development Lifecycle (SDLC).
Application Security in the Era of AI-driven Attacks
In today’s digital landscape, the importance of application security cannot be overstated, as businesses worldwide face evolving cyber threats. Both defenders and attackers are now harnessing the power of Artificial Intelligence (AI) to their advantage. As AI-driven attacks become increasingly sophisticated, it is crucial for organizations to adopt a comprehensive approach to application security that effectively addresses this emerging threat landscape.
UBA vs UEBA - Decoding the Differences
One of the most important aspects of cybersecurity is monitoring and detecting threats that may compromise the security and integrity of your company. However, not all threats are easy to spot or prevent with traditional security tools. That’s why many cybersecurity enthusiasts, professionals, and IT units of companies are curious about UBA and UEBA. But what is the difference between UBA and UEBA?
More than 16K Capital One Customers Exposed in Recent Data Breach
Capital One is a large financial corporation and an American bank that offers financing and a range of other financial services to interested customers. The company works with millions of customers throughout the country, and with so much data and so many services, Capital One must rely on partners to deliver its services effectively. Its reliance on third-party companies is what caused the company to suffer from a substantial data breach that put more than 16,779 customers at risk.
Weekly Cybersecurity Recap June 9
Data breaches are a serious risk that can lead to a substantial amount of lost information annually. This week financial, legal, health, and education sectors were all hit. Major health insurance providers like MCNA and Harvard Pilgrim were exposed, legal company Casepoint suffered substantial data losses, the University of Rochester was hit, and Capital One also suffered significant losses.