July 2024

Alerts on Policy Breaches Now Available via API

Jul 3, 2024 By Victor Arellano In Detectify

All Surface Monitoring users can configure Attack Surface Policies directly from the new Domains page, enabling various combinations of characteristics that were previously unavailable. Users are now alerted when policy breaches occur directly through their integrated tools, such as Slack and Jira.

Read Post

Detectify

Read more about Alerts on Policy Breaches Now Available via API

CVE-2024-6387 - RCE Vulnerability in OpenSSH

Jul 3, 2024 By Research Team In Cyberint

A high-severity remote code execution (RCE) vulnerability, CVE-2024-6387, has been discovered in OpenSSH’s server by the Qualys research team. This vulnerability is particularly concerning as it revives an issue that was previously addressed in 2006, highlighting the persistence of hidden bugs in widely used secure software. This discovery follows another significant vulnerability in the XZ Utils library found just a few months ago, underscoring ongoing security challenges.

Read Post

Cyberint

Read more about CVE-2024-6387 - RCE Vulnerability in OpenSSH

Why regulation is the cornerstone of AI development

Jul 2, 2024 By Paulo Rodriguez, Head of International In Vanta

By now, we're very familiar with the game-changing potential of AI. The rapid rise of ChatGPT has shown us just how quickly the technology has gone from concept to the palm of our hands. AI has the ability to dramatically accelerate workflows, and subsequently free up businesses to focus on strengthening their security and build customer trust. Why then is the UK's security industry so short on confidence when it comes to using it? One reason: a lack of regulation.

Read Post

Vanta

Read more about Why regulation is the cornerstone of AI development

5 Reasons Employees Hate Cybersecurity Training and 6 Tips to Turn Them Around

Jul 2, 2024 By Trustwave In Trustwave

Cybersecurity is no longer solely an IT department’s concern; it's a company-wide responsibility. But with busy schedules and overflowing inboxes, getting employees to truly pay attention to cybersecurity training can feel like an uphill battle. Let’s start off with why too many staffers are apt to mentally tap out when taking an awareness course. Now, let’s look at how to design a cybersecurity awareness program that will keep employees engaged and informed.

Read Post

Trustwave

Read more about 5 Reasons Employees Hate Cybersecurity Training and 6 Tips to Turn Them Around

regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability

Jul 2, 2024 By Splunk Threat Research Team In Splunk

OpenSSH, an application installed by default on nearly every Unix-like and Linux system, has recently come under scrutiny due to a critical vulnerability discovered by Qualys. Designated as CVE-2024-6387 and aptly named "regreSSHion," this flaw exposes Linux environments to remote unauthenticated code execution. The implications of this vulnerability are far-reaching, potentially affecting countless servers and infrastructure components across the globe.

Read Post

Splunk

Read more about regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability

Understanding Transaction Monitoring in Anti-Money Laundering (AML)

Jul 2, 2024 By Mohini Sahu In IDcentral

Transaction monitoring in the realm of Anti-Money Laundering (AML) is a critical process that financial institutions employ to detect and prevent illicit activities such as money laundering, terrorist financing, and fraud. As regulatory scrutiny intensifies globally, the importance of robust transaction monitoring systems cannot be overstated.

Read Post

IDcentral

Read more about Understanding Transaction Monitoring in Anti-Money Laundering (AML)

The 443 Podcast - Episode 296 - OpenSSH regreSSHion Vulnerability

Jul 2, 2024 By WatchGuard In WatchGuard

This week on the podcast, we cover OpenSSH's recent critical vulnerability and what it means for systems administrators. Before that, we discuss the CDK Global ransomware attack impacting car dealerships across the us, a Korean internet service provider delivering malware to their customers, and a takeover of a popular JavaScript library gone hostile. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 443 Podcast - Episode 296 - OpenSSH regreSSHion Vulnerability

G2 Names UpGuard #1 TPRM Software - Summer 2024

Jul 2, 2024 By Kaushik Sen In UpGuard

We are delighted to announce that UpGuard has once again been recognized as the Leader in Third-Party and Supplier Risk Management Software by G2. The publication of G2's Summer 2024 report marks eight consecutive quarters were UpGuard was named a Category Leader. Established in 2012, G2 is a trusted resource for software reviews and customer feedback. It guides over 90 million users, including employees from all Fortune 500 companies, in making informed software choices.

Read Post

UpGuard

Read more about G2 Names UpGuard #1 TPRM Software - Summer 2024

Nightfall Named A Leader in Data Loss Prevention (DLP) by G2

Jul 2, 2024 By The Nightfall Team In Nightfall

Nightfall has been named a Leader in Data Loss Prevention (DLP), Sensitive Data Discovery, Data Security, and Cloud Data Security in G2’s Summer ‘24 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible. We’re also happy to acknowledge the Nightfall team’s tireless innovation, all in pursuit of helping customers to protect their sensitive data across the sprawling enterprise attack surface.

Read Post

Nightfall

Read more about Nightfall Named A Leader in Data Loss Prevention (DLP) by G2

Rule tuning - supercharge Cloud SIEM for better alerts

Jul 2, 2024 By Paul Sheck In Sumo Logic

We’ve seen the movies where the character needs to get out of a jam or needs to get somewhere in a hurry, so they mash the big button of Nitrous Oxide and boom they are off! Fast and the Furious and Boss Level are the two movies that come to mind. So, how does this relate to a SIEM or SIEM rules? Sit down, buckle up, and let’s go for a ride.

Read Post

Sumo Logic

Read more about Rule tuning - supercharge Cloud SIEM for better alerts

Ask a Document

Jul 2, 2024 By Egnyte In Egnyte

Egnyte’s AI-driven “Ask” allows you to quickly summarize documents and ask questions, so you can find the information you need fast!

View Video

Egnyte

Read more about Ask a Document

Developing in the Age of AI, with Cloudflare's Ricky Robinett

Jul 2, 2024 By Cloudflare In Cloudflare

Experience a deeper understanding of AI's transformative potential! Watch our exclusive video, 'Developing in the Age of AI,' featuring profound insights shared by Cloudflare’s Vice President of Developer Relations, Ricky Robinett. Explore the dynamic convergence of cybersecurity and AI efficacy. Share your details to unlock privileged access to this video, empowering you with the profound insights that shape the technological landscape.

View Video

Cloudflare

Read more about Developing in the Age of AI, with Cloudflare's Ricky Robinett

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2024

Alerts on Policy Breaches Now Available via API

CVE-2024-6387 - RCE Vulnerability in OpenSSH

Why regulation is the cornerstone of AI development

5 Reasons Employees Hate Cybersecurity Training and 6 Tips to Turn Them Around

regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability

Understanding Transaction Monitoring in Anti-Money Laundering (AML)

The 443 Podcast - Episode 296 - OpenSSH regreSSHion Vulnerability

G2 Names UpGuard #1 TPRM Software - Summer 2024

Nightfall Named A Leader in Data Loss Prevention (DLP) by G2

Rule tuning - supercharge Cloud SIEM for better alerts

Ask a Document

Developing in the Age of AI, with Cloudflare's Ricky Robinett

Monthly Archive

Follow Us