Cybersecurity is no longer the exclusive domain of computers, servers, and handheld devices. As wireless connectivity grows, it makes many daily activities more convenient, but it also means that cars may be vulnerable to cyberattacks. Connected, Autonomous, Shared and Electric vehicles are starting to dominate the auto market, but they often carry significant cybersecurity risks.
NorthStar Emergency Medical Services is an ambulance service based in Searcy, Arkansas. The company manages three EMS stations in the surrounding area and helps patients get the emergency help they need rapidly. This service provider takes medical information from patients it serves, and it may have just exposed tens of thousands of its past patients to internet hackers in a recent data breach incident.
Ransomware as a Service (RaaS) has been a growing trend in recent years, enabling anyone with an internet connection to become a hacker. In the past, launching a ransomware attack required a high level of technical expertise, but RaaS has lowered the barrier to entry, making it easier for anyone to launch a ransomware attack. So, how does RaaS work, and what are the implications for businesses and individuals?
A new critical vulnerability impacting Microsoft Outlook (CVE-2023-23397) was recently published by Microsoft. The CVE is particularly concerning as no user involvement is required by the exploit. Once a user receives a malicious calendar invite, the attacker can gain a user’s Active Directory credentials. Microsoft has released a security update that can be found here. Cato Research strongly encourages updating all relevant systems as proof-of-concept exploits have already appeared online.
I’m thrilled to unveil our new identity: Cyberpion is now IONIX, a name that represents our radically different approach to protecting the modern attack surface and its digital supply chain. With IONIX, you’ll discover your organization’s real attack surface, including its sprawling network of asset dependencies – while separating the signal from the noise so your security team gains laser focus on your exploitable risks.
Terraform is the de facto tool if you work with infrastructure as code (IaC). Regardless of the resource provider, it allows your organization to work with all of them simultaneously. One unquestionable aspect is Terraform security, since any configuration error can affect the entire infrastructure. In this article we want to explain the benefits of using Terraform, and provide guidance for using Terraform in a secure way by reference to some security best practices. Let’s get started!
The business impact of critical open source vulnerabilities such as Spring4Shell and Log4j illustrate the crucial importance of detecting remediating such vulnerabilities as fast as possible, This is particularly important for the financial technology, which handles vast volumes of sensitive financial data for investors. That was certainly the case for MSCI, who deployed Mend to speedily thwart any potential threats posed by Spring4Shell.
The industrial sector is one of the largest, most diverse and changing segments of the global economy. It is also one of the main targets for cybercriminals. Industrial sites and factories continue to transform and digitize, which means that more and more critical assets and infrastructure are being connected to the Industrial Internet of Things (IIoT). This has raised security concerns about operational technology (OT) in manufacturing, which is increasingly at risk.
