Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Read also: the US disrupts ALPHV/BlackCat operations, a NY engineer admits the hacks of two crypto exchanges, and more.

These statistics show that organizations struggled to maintain basic cybersecurity practices in 2023. But what can organizations do to improve their networks and help prevent attacks in 2024?

Cybersecurity is an essential consideration for any organization that deals in the digital sphere on any level, and the education sector is no exception. In recent years, the global pandemic and technological advances have led to a massive shift toward online learning, which has posed a number of challenges to educators and administrators. Facilitating digital education presents a logistical maelstrom that many educational institutions are not prepared to handle.

On December 7th, 2023, the Apache Struts project disclosed a significant vulnerability, CVE-2023-50164, in its Struts 2 open-source web framework. Rated at a critical CVSS score of 9.8, this flaw resides within the framework’s file upload logic. Exploiting this vulnerability empowers attackers to manipulate upload parameters, potentially leading to arbitrary file upload and, under specific conditions, code execution.

This is part two in our series on building honeypots with Falco, vcluster, and other assorted open source tools. For the previous installment, see Building honeypots with vcluster and Falco: Episode I.

Learn how GitGuardian helps teams effectively prioritize and coordinate remediation by gathering the right data and making progress tracking and communication easy.

Life is full of problems. A product manager's life is that, and more! But it’s also the very reason we have been able to contribute to many, many awesome products. Since becoming a product manager, I’ve learned that the problems worth solving aren't always easy to spot and you have to do some sifting, rejecting and re-framing to get to the good stuff.

Following the release of the Phishing Threat Trends Report, we recently hosted the Human Risk Summit, a virtual gathering of top industry leaders to discuss human risk in cybersecurity.

As the most downloaded app in the world right now, the number of TEMU impersonation emails has increased by 112% since October 1st, 2023. As discounts and spending-based reward coupons form a substantial part of TEMU’s awareness campaigns, the company is reportedly spending $2bn annually on marketing. As the brand continues to grow in popularity, cybercriminals are increasingly leveraging it to lend authenticity to their spoofing attempts.

In response to what Google calls “over trust” in the web address lock icon to indicate that a site is authentic and its’ communications are secure, they’ve swapped the lock out in an attempt to engage Chrome users in thinking about their own secure browsing. You may have not noticed it if you’ve updated to Google Chrome version 120, but the long-familiar lock icon is no longer.