An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges and perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474.

About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved it. But it kept breaking. And each break, even though it was covered by the warranty, took weeks and weeks to repair.

While most security teams now have systematic processes in place for identifying vulnerabilities and responding to targeted threats, large-scale security incidents that affect many organizations globally are now an increasingly common occurrence. The Crowdstrike outage in July, while not specifically a security incident, demonstrated how targeted breaches or failures in our security infrastructure can have a ripple effect across entire industries and disrupt critical aspects of everyday life.

NIST, or the National Institute of Standards and Technology, is a U.S. federal government agency that creates frameworks and publications to manage organisations’ security requirements. NIST has released many Special Publications (SP), each containing several guidelines and security controls. One of the most comprehensive frameworks under NIST is the SP 800-53. Initially designed for federal agencies, this framework has become increasingly relevant for businesses of all sizes.

The Swiss National Cyber Security Centre (NCSC) has warned of a QR code phishing (quishing) campaign that’s targeting people in Switzerland via physical letters sent through the mail, Malwarebytes reports. The letters purport to come from the Swiss Federal Office of Meteorology and Climatology (MeteoSwiss), asking recipients to scan a QR code to install a new app for severe weather warnings.

Are you a service organization seeking an audit to gain customers’ trust? Or maybe you are looking to attract prospective clients by proving how serious you are with customers’ data. If that is the case, you have come to the right place.

As the holiday shopping season kicks into high gear, cybercriminals are gearing up too. This year, alongside the usual suspects, we're seeing some crafty new scams, so let’s take a look at some of the ones you should be most careful of during Black Friday, Cyber Monday and Giving Tuesday. AI-Generated Fake Reviews AI has allowed scammers to flood product pages with well-written and convincing fake reviews of products.

You can remove your personal information from the internet by requesting that Google and people search sites remove it, checking if your credit card offers any removal services, deleting unused accounts and adjusting your privacy settings. Removing your Personally Identifiable Information (PII) from the internet can prevent cybercriminals from stealing your identity, committing fraud and targeting you with spam.