Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On December 13th, The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) have issued an urgent advisory about the ongoing exploit of CVE-2023-42793 by Russian Foreign Intelligence Service (SVR) threat actors.

On December 14, 2023, the Ledger Connect Kit was compromised, allowing attackers to drain users’ wallets on dozens of decentralized apps. Fireblocks’ customers were not impacted by the attack. Fireblocks dApp Protection, the latest security feature in our DeFi solution, detected and prevented customers from unknowingly interacting with the impacted dApps.

Organizations can protect their enterprise database from privilege abuse by implementing the Principle of Least Privilege (PoLP), following a zero-trust security approach and investing in a Privileged Access Management (PAM) solution. Continue reading to learn what privilege abuse is, the risks of privilege abuse in an organization and how to prevent it.

The North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) standards are a comprehensive set of requirements that ensure the security and reliability of the North American power grid. These standards address both the physical security and cybersecurity of the bulk electric system, mandating measures to protect critical assets from potential threats.

The rapid rise of artificial intelligence, more specifically, generative AI systems such as OpenAI’s ChatGPT, has simultaneously spurred intense development and concern over the past year. On the 30th of October, President Joe Biden signed an Executive Order that urges new federal standards for AI development, safety, security, and trustworthiness that also address many other facets of AI risk.

Proprietary severity scoring often burdens AppSec teams. With every new vendor, you must evaluate their custom severity framework and work to translate assessed risk between tools. To eliminate this burden and provide our customers with a clear security assessment for configurations across the SDLC, Snyk will be moving towards standardizing our code to cloud security rules set on the Common Configuration Scoring System (CCSS)!

Southern Illinois Healthcare oversees the operations of Harrisburg Medical Center (HMC), a not-for-profit community hospital with over 70 beds and 140 physicians. They are partnered with other clinics in the area, providing a comprehensive healthcare network for residents in the region. HMC suffered a network data breach nearly a year ago.

TrustCloud teamed up with Dan Andrea, a partner at KLR, to discuss: Read more of Dan’s suggestions below, or check out the conversation on YouTube.

In an age where digital threats are constantly evolving, understanding and mitigating cyber risks is crucial for businesses of all sizes. Advanced threat intelligence plays a vital role in this process, providing the insights needed to identify, assess, and effectively respond to cyber risks. Let’s discuss how businesses can leverage threat intelligence to enhance their cybersecurity posture and protect against the ever-changing landscape of cyber threats.

As attack surfaces expand and cyber threats continue to evolve in sophistication and frequency, organizations must adopt proactive measures to fortify their defenses. One such crucial step is the implementation of robust cybersecurity frameworks.