Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New from SEC: Cybersecurity Final Rule on Reporting Hits Third Party Risk

In one of the most important cybersecurity regulatory developments in recent memory, the U.S. Securities and Exchange Commission (SEC) recently adopted new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance. Companies are required to disclose risks in their annual reports beginning on December 15, 2023.

The Role of UEBA in Zero Trust Security

As cyber threats have grown in sophistication and frequency, a paradigm shift in security strategy has become imperative. This shift has given rise to the Zero Trust Security Framework, an approach that challenges the very foundation of trust in network security. User and Entity Behavior Analytics (UEBA) steps into the spotlight as a dynamic force that complements and enhances the Zero Trust Security framework. Let’s discover how UEBA can help organizations achieve zero trust security!

The State of Citrix Zero-Day Vulnerabilities 2023

Critical zero-day Citrix CVE-2023-3519 is still being exploited two months after Citrix released a patch. IONIX research found that 19% of the CVE-2023-3519 vulnerabilities are still unmitigated in comparison to only 3% among IONIX customers. In addition, IONIX customers were able to resolve this critical risk three times faster.

PCI ROC: What You Need to Know

The Payment Card Industry Data Security Standard (PCI DSS) aims to prevent financial fraud by securing payment card data. Any company that handles this data must implement security measures to ward off unauthorized access. In this process, you’ll come across key terms like PCI SAQ (Self-Assessment Questionnaire), AOC (Attestation of Compliance), and PCI ROC (Report on Compliance). Let’s focus on the ROC for now.

vPenTest Received 9 Badges in Fall 2023 from G2

Welcome to a new era of network penetration testing powered by vPenTest, an award-winning solution from Vonahi Security. vPenTest is changing the game, making regular penetration testing easy, affordable and highly effective for organizations of all sizes. That’s why vPenTest has been recognized as a top pentesting tool by G2.

Trustwave Threat Intelligence Briefing: The 2023 Financial Services Sector Threat Landscape

Cyberattacks striking the financial services industry are more prevalent and dangerous, and are hitting faster than ever. To provide much-needed guidance and recommended mitigation measures, the elite Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the financial services sector and released the report 2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies.

Report Explores UK Companies' Struggle to Address Growing Cybersecurity Threats

One of the most reliable constants in the cybersecurity world is that threats are always increasing as cybercriminals advance their tactics and develop new ones. It can be a daunting task for organizations to continually stay on top of these threats, protect their own data and assets, and monitor the threat landscape for changes.

Top 7 Technical Resource Providers for ICS Security Professionals

Attacks against industrial control systems (ICS) are on the rise. Cyberattacks are more prevalent, creative and faster than ever. So, understanding attackers’ tactics is crucial. The IBM Security X-Force Threat Intelligence Index 2023 highlights that backdoor deployments enabling remote access to ICS systems were the most common type of attacker action in 2022.