Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

While grandma’s stuffing might be the best part of your holiday turkey dinner, credential stuffing attacks can be the worst part of being the person responsible for your company’s security monitoring. Your IT environment likely consists of all the ingredients attackers need to deploy an attack successfully.

Since the discovery of CRIME, BREACH, TIME, LUCKY-13 etc., length-based side-channel attacks have been considered practical. Even though packets were encrypted, attackers were able to infer information about the underlying plaintext by analyzing metadata like the packet length or timing information. Cloudflare was recently contacted by a group of researchers at Ben Gurion University who wrote a paper titled “What Was Your Prompt?

After a decade in the making – or waiting, as the case may be – the National Institute of Standards and Technology (NIST) has released the first major revision to its Cybersecurity Framework (CSF), a set of voluntary standards and best practices for managing cybersecurity risks. NIST CSF 2.0, released on Feb 26, 2024, expands the scope and applicability of the framework to cover more types of organizations and industries, including the private sector, government and nonprofits.

Privacy is the individual’s right to control the use of their personal data, and DSAR is the mechanism by which individuals can enforce this right. This right to their own information, as used by an organization, is guaranteed by privacy laws like Europe’s General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA). If your organization collects and uses personal data, especially for European or Californian customers, you should be prepared to respond to DSARs.

Much like our own blood, data is the lifeblood that flows through the arteries of business today. Organizations must ensure that data is protected appropriately based on that data’s sensitivity, criticality, and regulatory or contractual requirements. These protections are provided through administrative, technical, and physical controls. The primary goal of these controls is to provide preventative, detective, or corrective capabilities.

In the world of networking, misconfigurations and inconsistencies can lead to significant issues for businesses, especially those in highly regulated industries such as financial services. One Fortune 500 financial services company experienced a nightmare scenario with their MTU (Maximum Transmission Unit) settings, resulting in application and performance problems. Fortunately, the company found a solution in Forward Networks' digital twin.

In the ever-evolving landscape of cloud-native applications built with containers and Kubernetes, webhooks serve as the communication backbone, facilitating seamless integration between various components, especially in the realms of security, networking, and troubleshooting. This is further amplified when combined with popular collaboration tools such as Jira and Slack.

It has been over a year and a half since the latest generative AI revolution descended upon the world. All IT markets have seen a wave of both new AI products, as well as AI-driven capabilities in existing products being introduced with a breakneck pace.

The Payment Card Industry Data Security Standard (PCI DSS) 4.0, issued a comprehensive set of requirements, to safeguard online payment systems against breaches and theft of cardholder data. Requirement 6.4.3 is one of the critical components for businesses that take online payment and focuses on the management and integrity of scripts on webpages that take payment card (i.e.m credit card) payments.

Enabling Multi-Factor Authentication (MFA) is a cybersecurity best practice that helps protect online accounts from unauthorized access; however, not all forms of MFA are created equally in terms of security. There are ways that cybercriminals can bypass MFA. Some MFA methods are more vulnerable to cyber attacks and are often exploited by cybercriminals. There are methods of MFA that do a better job of protecting your online accounts; you just have to choose the correct option.