Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Check out the latest product releases from UpGuard!

Embark on a journey through the evolving landscape of cybersecurity compliance as we uncover the challenges inherent in traditional frameworks. The stark reality is that compliance doesn't automatically equate to effectively managing organizations' risks and specific threats.

This weeks' briefing covers: Dive deeper.

Torq talks to Abnormal CISO, Mike Britton Mike Britton, CISO at Abnormal Security spoke to our Sr. Social Media Manager, Brittney Zec about how Torq Hyperautomation is helping Abnormal Security's SecOps team operate faster and more efficiently. Mike also talks about the ROI that Abnormal Security is seeing with Torq, along with the advice he would give to other security professionals considering adopting hyperautomation.

This week on the podcast, we cover a recent news post about an army of 3 million compromised toothbrushes taking down a Swiss website, causing millions in damages. After that, we discuss the United States DOJ's latest botnet takedown, this time targeting Volt Typhoon. We end the episode by walking through a CISA joint-publication giving guidance on how to defend against Living-of-the-Land (LotL) attacks.

Delve into the complex world of cybersecurity compliance with our latest video, where we address the crucial question: How do you effectively track and manage diverse compliance requirements across the board? In an era where adhering to one set of regulations might not align with another, the need for a comprehensive GRC (Governance, Risk, and Compliance) tool becomes paramount.

Unravel the cybersecurity dilemma in our latest video, where we explore the complex relationship between government involvement and corporate cybersecurity programs. Many cybersecurity leaders may express reluctance when asked about government intervention, fearing the additional burdens of setting up new compliance wings and diverting resources from tangible security budgets.

Welcome to our latest video on the OWASP Top 10, focusing on Vulnerability A03: Injection. This video is designed to provide a comprehensive understanding of injection vulnerabilities, which are among the most common and dangerous security risks in web applications. In this video, we will explore the concept of injection vulnerabilities, their various types, and how they can be identified. We will also look at real-world examples to illustrate the potential impacts of these vulnerabilities when they are exploited.

In this episode of The Cybersecurity Defenders Podcast, we take a close look at the AnyDesk and Cloudflare breaches that were both disclosed on February 2, 2024. AnyDesk, a prominent remote desktop software provider, disclosed a cyberattack late on February 2nd, causing the company to enforce strict security measures for nearly a week. Adversaries breached AnyDesk's systems, compromising vital assets such as source code and private code signing keys, and gaining unauthorized access to production systems.

Explore the pitfalls of knee-jerk legislative reactions in the ever-evolving landscape of cybersecurity in our latest video. Delve into the challenges faced by organizations as they grapple with sudden directives that often emerge as a response to unforeseen events. The knee-jerk nature of some legislation raises crucial questions about the consultation process, leaving cybersecurity professionals wondering if insights from the infosec world were considered.