Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Two new local privilege escalation vulnerabilities were recently discovered in Ubuntu: CVE-2023-2640 (CVSS 7.8) and CVE-2023-32629 (CVSS 7.8). The vulnerabilities, dubbed GameOver(lay), affect the OverlayFS module in multiple Ubuntu kernels. Ubuntu’s official security bulletin here and here outlines the impacted versions by both CVEs. It’s important to note that CrowdStrike Falcon® Cloud Security protects against both vulnerabilities.

Cognizant is a massive IT services company with over 300,000 employees and more than $15 Billion in annual revenue. The company helps major corporations with IT services. TMG Health is a healthcare services provider that works with Medicare Advantage, Medicaid Part D, and Managed Medicaid programs for many government agencies throughout the country. Between these two major companies, a huge amount of data is stored. All that data is now vulnerable because of a breach that started in May.

Internet of Things (IoT) security protects IoT devices and the networks to which they connect from cyberattacks. IoT devices can include anything that connects to your internet including doorbell cameras, baby monitors, smart bulbs and thermostats. This presents a cybersecurity risk because anything that can connect to your internet is at risk of being hacked.

The importance of data security cannot be overstated. Data Loss Prevention (DLP) has emerged as a crucial component in safeguarding sensitive information and ensuring compliance with ever-evolving regulations. In this blog post, we'll share everything to know about DLP, exploring its definition, key components, types of solutions, importance, best practices, tools, and common challenges.

Vulnerability scanning plays a crucial role in safeguarding applications and systems. By utilizing advanced software tools, it detects weaknesses or ‘vulnerabilities’ in computer systems that could be exploited by malicious individuals to compromise the system or steal valuable data.

We’re all familiar with software as a service or platform as a service, but what about Cyber-Crime-As-A-Service? It’s not just the sheer quantity of cyber threats that is increasing at alarming rates, it’s the methods and ease at which cybercriminals are finding to deploy attacks.,

In the face of increasingly impactful malicious attacks, governments of leading economies have turned their attention to the software supply chain security. Regulations like the EU’s Digital Operational Resilience Act (DORA) for financial institutions and the Cyber Resilience Act (CRA) for software and hardware providers Australia’s 2023-2030 cybersecurity strategy, and the U.S.

Until recently, Netflix wasn’t too concerned about its members sharing their accounts with friends and family. In a 2016 statement, Reed Hastings, Netflix CEO said “password sharing is something you have to learn to live with, because there’s so much legitimate password sharing, like you share with your spouse, with your kids… so there’s no bright line, and we’re doing fine as it is.”

At WatchGuard, we’re all about security simplified. But living this mission becomes challenging when we’re constantly faced with a barrage of information technology (IT) acronym soup. Whenever I read the latest blog post or I hear the latest cybersecurity news, one of those dreaded acronyms inevitably appears. In IT, the acronyms are prolific.

In an era where digital innovation has become the lifeblood of businesses, cybersecurity has taken center stage in the corporate world. The Australian Prudential Regulation Authority (APRA) recognized this need and introduced CPS 234, a regulation that puts cybersecurity at the forefront of APRA-regulated entities. APRA is currently conducting an independent tripartite cyber assessment of compliance with CPS234, which took effect in 2019.