Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it. Phishing messages can have many different looks, traits and narratives. What worked yesterday for the attackers eventually becomes blocked, recognized, and less profitable, and they move on to different tactics.

Staff time, log processing, and legacy issues can turn free, open-source or low-cost SIEMs into one of your organisation's most expensive investments. You're not alone if you're baulking at the idea of paying upwards of tens of thousands of pounds for a new or renewed SIEM licence. Many security decision-makers feel the same way. One survey showed that almost half (40%) of existing SIEM users feel like they are overpaying for their SIEM.

As we've covered before, SIEMs are an expensive tool. The average enterprise-level SIEM deployment costs over £15 million a year, and operating a small, 100 to 1000-seat SIEM will still run up bills of over £10k monthly. SIEMs create spiralling costs that eat security budgets. Without a skilled team operating them, they can also make organisations less secure despite receiving more information about their digital estates. But where do these SIEM costs come from?

Are most network detection and response tools missing something? We think so. Network detection and response (NDR) is an incredible technology. With it, you can analyse network packets for malicious behaviour, spot insider threats, and even find connected devices you don’t own. However, if you want to implement NDR in your environment, you typically need to install proprietary hardware or run your NDR on a dedicated server.

Clifford Stoll, astronomer, author, and teacher, often joked about computer passwords. He said, “Treat your passwords like a toothbrush. Don’t let anybody else use it, and get a new one every six months.”

In January 2023, the European Commission (EC) released an updated version of the European Union (EU) Network and Information Security Directive (NIS2) to strengthen cybersecurity risk management across Europe’s essential services. NIS2 updates the original NIS directive and focuses more on regulations for cloud infrastructure, internet exchanges, domain service providers, and digital service providers.

The Critical Entities Resilience (CER) Directive is a new initiative in the EU that aims to ensure that critical entities providing essential services are effectively managing their network and information security. The CER Directive is part of the EU’s latest effort to build stronger cyber resilience across Europe, alongside NIS2 and the EU Cyber Resilience Act.

On April 24, 2024, Cisco Talos and several government security agencies published details on a sophisticated threat campaign focused on espionage and gaining unauthorized access to sensitive information from targeted government entities and organizations in critical infrastructure. As part of that publication, Cisco disclosed CVE-2024-20353 and CVE-2024-20359, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) devices, which were actively exploited in the documented campaign.

Containers are integral to modern application development portability, resource efficiency, and ease of deployment. But there is a flip side to these benefits. Unlike traditional applications, containers bundle everything needed to run, making them a scattered setup for hidden security issues. 54% of container images in Docker Hub were found to contain sensitive information that could lead to unauthorized access, data breaches, or identity theft.

The Publishers Clearing House (PCH) appeared in 1967, promoting magazine subscriptions, merchandise, time-share vacations, and their famous cash prize sweepstakes. Since 67’ over 11 million people have won PCH sweepstakes, totaling over $593 million in cash winnings. More people than ever have entered the PCH sweepstakes, looking for their chance to win thousands - sometimes millions - of dollars overnight.