In an age where cyber threats are increasingly sophisticated and prevalent, organizations must prioritize integrating security into the very core of their technology. Security can no longer be an afterthought or a box to check; it needs to be part of the design and development process from the start.

Phishing remains one of the most dangerous and persistent cyber threats for individuals and organizations. Modern attacks use a growing arsenal of deceptive techniques that bypass traditional secure email gateways (SEGs) and email authentication measures, targeting organizations, employees, and vendors.

Recently, an Apache Tomcat web server vulnerability, tracked as CVE-2024-50378, has been published, exposing the platform to remote code execution through a race condition failure.

India's Digital Personal Data Protection (DPDP) law, enacted in 2023, represents a pivotal step in safeguarding personal data privacy while fostering accountability among entities handling such data. As businesses grapple with its requirements, understanding its core mandates, applicability, timeline, and implications is critical for compliance and operational efficiency.

In this post, we’ll explore what cloud email filtering is, how it works, its key features, benefits, and the top providers in the market.

Recent lawsuits have revealed a critical privacy concern for healthcare providers – the sharing of patient data with Facebook through tracking pixels. We wrote this article to help your security and privacy teams assess their risk, identify key stakeholders, and understand the urgency of this issue.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Quite a swish phishing attack. Someone, somewhere will inevitably fall for it though.

It’s 10:47 PM, and I’m halfway through binge-watching the latest must-see series when my phone buzzes. A notification from SecurityScorecard has my attention instantly: one of our critical vendors has just reported a breach. I hit pause, grab my laptop, and dive straight in. As much as I’d love to ignore it for a few hours, cyber risks don’t come with snooze buttons. Before panic sets in, I’m logging into the SecurityScorecard platform.

While vulnerability management is one of the few preventative practices in security, vulnerability patching is still a reactive process. It’s a continuous cycle of discovery, vendors releasing patches, and remediation teams applying those patches. What if there was a way to build in some proactivity to this endless reactive spiral?