A business email compromise (BEC) attack involves cybercriminals making use of phishing to defraud an organization of funds. BEC is a highly devastating and costly cyberattack and has resulted in $26bn in losses since July 2016, with little to no recovery options available.
In early June, multiple threat researchers observed attacks on MOVEit servers using a zero day vulnerability that facilitated data exfiltration. MOVEit Transfer is a managed file transfer software that supports the exchange of files and data. This vulnerability allows an attacker to gain access to the database and possibly infer information about the structure and contents of the database.
A new critical vulnerability (CVE-2023-34362) has been published by Progress Software in its file transfer application, MOVEit Transfer. A SQL Injection vulnerability was discovered in MOVEit enabling unauthenticated access to MOVEit’s Transfer database.
In May we announced Vanta Workspaces for customers with multiple business units, improved navigation bar labels & groupings, 15 new integrations, and more.
Last month, Corelight had the distinct privilege of joining Cisco, NetWitness, Palo Alto Networks, Arista, and our internet service provider, MyRepublic, to provide availability and network security overwatch to the Black Hat Asia network in Singapore. This marked our first appearance in the Black Hat Network Operations Center (NOC).
There are risks associated with providing your confidential information online, but it’s necessary in a modern world that requires Personally Identifiable Information (PII) to create accounts, purchase goods online, complete your taxes or receive a paycheck. Your data could become vulnerable through no fault of your own. Data breaches are common, and your account information could get leaked. If your data is intercepted by threat actors, it could be sold to cybercriminals on the dark web.
Welcome to the era of data domination! Every day, 2.5 quintillion bytes of data flood the digital landscape, estimates Forbes, with a whopping 90% of data created in just the last two years. While this growth presents many opportunities for organizations, it also introduces many challenges. That’s where data governance comes in. It’s a critical practice for businesses trying to navigate data management and data security.
We asked a Bulletproof expert ‘Can you cheat Cyber Essentials?’ along with other hotly debated compliance questions, to see what he really thinks. Read what he has to say or watch the video. This is part of our Candid Chats series, where we ask the awkward questions.
In the fast-paced world we live in, where organizations face increasing threats to their security and protecting sensitive information, implementing robust security measures is paramount. Static passwords have proven inadequate in safeguarding data from unauthorized access and data breaches. However, there is a solution that addresses these vulnerabilities: time-based one-time passwords (TOTP).
