%term

Effective API Throttling for Enhanced API Security

Jan 8, 2025 By Wallarm In Wallarm

APIs are the backbone of modern digital ecosystems, but their misuse can expose systems to cyber threats. Effective API throttling not only optimizes performance but also acts as a critical defense mechanism against abuse, such as denial-of-service attacks. Discover how this powerful strategy enhances API security and safeguards your organization’s data in an interconnected world.

Read Post

Wallarm

Read more about Effective API Throttling for Enhanced API Security

The 4 categories of ISO 27001 controls

Jan 8, 2025 By Vanta In Vanta

Information security is no longer optional; it’s critical to running a successful, resilient business. ISO 27001, the international standard for information security management systems (ISMS), provides a structured approach to safeguarding data. Central to this framework are the 93 controls in Annex A, which are divided into four categories: organizational, people, physical, and technological.

Read Post

Vanta

Read more about The 4 categories of ISO 27001 controls

Supercharge Your Security Budget in 2025: Smarter Investments, Stronger Defence

Jan 8, 2025 By Razorthorn In Razorthorn

Ever wonder how to get the most out of your cybersecurity budget without leaving your company vulnerable? Hey there, it’s Jim from Razorwire! In this episode, I sit down with cybersecurity pros Chris Dawson and Iain Pye to chat about smart spending when it comes to your cybersecurity budget. Whether you’re a big enterprise with a hefty budget or a small business wanting maximum impact on a small budget, we’ve got some actionable insights for you. Summary In this episode, we tackle one of the industry's most pressing challenges - how organisations allocate and manage their cybersecurity spending.

View Video

Razorthorn

Security

Read more about Supercharge Your Security Budget in 2025: Smarter Investments, Stronger Defence

Under Siege: Ransomware and Healthcare

Jan 8, 2025 By Christopher Rudolph In Cato Networks

It’s becoming all too common these days: ransomware hitting another organization. However, most people don’t know exactly what happens when ransomware is found and what must be addressed. What makes it even more challenging for healthcare is that the data that can be stolen, like personal health information, is much more valuable than credit card numbers.

Read Post

Cato Networks

Read more about Under Siege: Ransomware and Healthcare

CIO POV: Ransomware and Resilience-2024's Biggest Cyber Stories

Jan 8, 2025 By Omer Grossman In CyberArk

Let’s begin 2025 with an understatement about last year: 2024 was an eventful year for cybersecurity. That in itself is no surprise. The specifics, though, looked like this: AI use accelerated (for good and for bad), ransomware surged and relentless attacks on third parties shifted focus to cyber resilience.

Read Post

CyberArk

Read more about CIO POV: Ransomware and Resilience-2024's Biggest Cyber Stories

Why Relying Solely on API Security Testing Products Can Be Counterproductive

Jan 8, 2025 By AppSentinels In AppSentinels

As APIs continue to drive modern digital ecosystems, securing them has become an organizational imperative. Few companies turn to API security testing products to identify vulnerabilities and safeguard their APIs. However, these tools are counterproductive when relied upon as a sole security measure. Here’s why.

Read Post

AppSentinels

Read more about Why Relying Solely on API Security Testing Products Can Be Counterproductive

IT Budgets Prioritise Cybersecurity in 2025

Jan 8, 2025 By Razorthorn In Razorthorn

Explore how cybersecurity has become a top priority for IT spending, with 65% of budgets now allocated to securing organisational infrastructure globally.

View Video

Razorthorn

Security

Read more about IT Budgets Prioritise Cybersecurity in 2025

Attack Surface Management: From Passive Scanning to Active Security Testing

Jan 8, 2025 By Nir Ben Eliezer In Cyberint

Traditionally, approaches to Attack Surface Management (ASM) went something like this: A business scanned its own IT estate to discover assets and understand what its attack surface actually included. We can think of this as Phase I. Following the completion of an asset inventory, they assessed each of their assets to identify risks and vulnerabilities, such as open ports, certificate issues, DNS misconfigurations, and more.

Read Post

Cyberint

Read more about Attack Surface Management: From Passive Scanning to Active Security Testing

What To Do If You Click on a Phishing Link

Jan 8, 2025 By Keeper In Keeper

If you click on a phishing link you should immediately disconnect your device from the internet, scan your device using antivirus software and keep a lookout for suspicious activity and transactions on your online accounts. Learn more about what a phishing link is and what to do if you click on a phishing link.

View Video

Keeper

Read more about What To Do If You Click on a Phishing Link

Stored XSS Vulnerability Discovered in Joomla 5.1.4 - CVE-2024-40748

Jan 8, 2025 By Aakanksha Khanna In Astra

On September 19th, 2024, a critical vulnerability (CVE-2024-40748) was discovered in Joomla version 5.1.4, exposing their website to stored cross-site scripting (XSS) attacks. Stored cross-site scripting (second-order or persistent XSS) arises when an application receives data from an untrusted source and unsafely includes it within its later HTTP responses. This could lead to attackers injecting malicious scripts into the website, which would be executed whenever a user visits a specific page.

Read Post