Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week, hackers targeted various industries for cyberattacks, including nationally-recognized organizations. Five Guys suffered a breach involving two employee email accounts and potentially losing employee and consumer credentials. Another national organization, Deer Oaks Behavioral Health, announced a data breach resulting in more than 170,000 patient records falling at risk for misuse. Mr.

The Allied Pilots Association (APA) is the collective pilot agent for American Airlines; it provides a range of services to 15,000 members, including acting as a bargaining entity. On October 30th, the APA experienced a network disturbance—a ransomware cyberattack potentially exposing members.

Determining, dealing with, and accepting a certain level of risk will always be a top priority for the members of any C-Suite. Eliminating risk is likely not a possibility, especially when it concerns cybersecurity. Simply put, the threat landscape changes so rapidly that fully solving this problem is likely beyond our reach. That means organisations must focus on what they can control and how much they are willing to leave up to chance.

In the last several days, a new info stealer known as the “Continental stealer” has gained traction in dark web forums. This stealer has the potential to become one of the more powerful participants in the InfoStealer industry, thanks to its simple and easy-to-use architecture. In this report, we will review the stealer infrastructure, features, and functionality.

In the arsenal of cyber security tools available to organizations, the penetration test is a key component. Business applications, and organization infrastructure (operating systems, databases, networks, etc.) all have potential vulnerabilities, many of which are just waiting for threat actors to exploit.

Five worthy reads is a regular column on five noteworthy items we have discovered while researching trending and timeless topics. This week, we are exploring the modern cyberthreat landscape and how crucial it is to keep up with cybercriminals’ evolving tactics and safeguard ourselves from them. The modern cyberthreat landscape is an ever-evolving and complex environment that poses significant risks to organizations of all sizes.

‍ When organizations were forced to shift to remote work during the pandemic, they needed a quick-fix solution that would enable their remote employees to securely access work resources. For many, this solution came in the form of VPNs. However, VPNs were not designed for the bring your own device (BYOD) and cloud app security use cases. While VPNs can provide remote access, it may come as a surprise that they fall short when it comes to security.

Discover insights from Gartner's Security and Risk Management 2023 Summit in London. Learn how CNAPP enhances protection in a complex cloud environment.

Do you need to secure high-risk access to the back end of your customer-facing apps? Yes, you do – assuming you care about cybersecurity risk, uptime or compliance with SOC II and NIST and AWS, Azure and GCP architecture frameworks. To meet compliance requirements and grow your business, you must properly secure access to the cloud services and workloads powering your SaaS app.

In an era where cyber threats are increasingly sophisticated and ubiquitous, businesses must remain vigilant and proactive in their approach to security. Cyber threat intelligence (TI or CTI) emerges as a beacon of hope, offering insights and strategies to detect, prevent, and respond to potential cyberattacks. Through this guide, we'll walk you through what TI is, different types of TI, and how it reshapes our understanding of cybersecurity.