Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Two vulnerabilities have been detected in in Citrix NetScaler ADC and NetScaler Gateway. These vulnerabilities are being tracked as CVE-2023-6549 and CVE-2023-6548 with CVSS scores of 8.2 and 5.5 respectively. They are under active exploitation, affecting the following product versions.

Ransomware-as-a-service (RaaS) may not be a brand-new tactic on the cyber battlefield, but it’s quickly gaining popularity among threat actors. For at least the past five years, cybercriminals have not only realized the monetary effectiveness of ransomware, but have understood that by banding together, and utilizing each other’s strengths, they could expand their ransomware attacks, split the profits, and utilize stolen data to launch future cyber attacks on larger organizations.

Imagine you’re on the tail end of installing a 100-line script. It’s five o’clock, and you’re ready to head out early for once. You run the startup script on a new server, and then – the fated error message. Something isn’t working, and only after painstakingly reviewing 67 lines of code do you realize you had the IP address wrong. This could have been prevented.

A new comic strip to better grasp the simple but effective way HasMySecretLeaked checks your secrets without asking you to reveal them!

Hypothesis-driven hunting is probably the most well-known type of threat hunting, and it’s one of the three types defined in the PEAK threat hunting framework. In this article, we’ll walk through a sample hypothesis-driven hunt, step-by-step. For our data, we’ll be using the Boss of the SOC Version 3 (BOTSv3) dataset, which you can use to recreate the hunt and work through it on your own. Below is a diagram of the Hypothesis-Driven hunting process.

Over the last couple of difficult years, businesses worldwide have been forced to accelerate their adoption of new technologies and IT security – and cybercriminals have been just as fast to catch up. Fresh from our latest report, here are some headline stats about phishing that you need to know for 2024.

Most customers come to Netwrix in anticipation of going public or in preparation for audit after an IPO. Recently, however, an increasing number of public companies are purchasing our products after failing an audit or receiving a warning of material deficiencies. The good news is that, in all cases, the main challenges are entirely avoidable without a great deal of work.

It shouldn’t be a shock to point out that data breaches carry a huge reputational risk — one that almost always impacts the bottom line. As we can see from any number of recent, highly publicized incidents, not taking data security seriously can result in serious consequences.

A clear and confident understanding of user roles is vital to successfully managing NetSuite. Whether you are implementing a new account, cleaning up an old one or setting up segregation of duties for SOX compliance, you need to have a firm grasp of a few fundamentals.

It is increasingly common for Salesforce Orgs to be in scope for SOX. Auditors are concerned about revenue-related data and critical business processes on the platform. The problem is that Orgs are complex, often highly customized, and much of what auditors are most concerned about is hidden away in custom objects or very difficult to track.