%term

Securing Remote Access: Best Practices for Third-Party Risk Management

Nov 27, 2024 By Ryne Laster In CyberArk

The physical location of users has become less and less important in conducting business, with the drawback that it creates new, persistent threats to organizations. You know that. You may not know that remote access to IT and business-critical systems is not a new concept. It’s been around since the late 1980s.

Read Post

CyberArk

Read more about Securing Remote Access: Best Practices for Third-Party Risk Management

From Discounts to Data Breaches

Nov 27, 2024 By Stripe OLT In Stripe OLT

‘Black Friday’ is an event every savvy shopper eagerly awaits as the holiday season approaches. However, it’s no longer just a single day of deals. Black Friday has evolved into a weeks-long sales event, and in some cases, it spans the entire month of November. While this extended shopping period offers consumers more time and flexibility to grab bargains, it also significantly increases opportunities for cybercriminals to exploit unsuspecting shoppers.

Read Post

Stripe OLT

Read more about From Discounts to Data Breaches

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

Nov 27, 2024 By Pauline Bolaños In Trustwave

On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This widely used open-source file archiving software enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.

Read Post

Trustwave

Read more about CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

What We Know About The SEC's New Cyber Disclosure Rule

Nov 27, 2024 By Jeff Moline In Tripwire

As cyber threats escalate in frequency and severity, IT and security teams face increased pressure to maintain transparency. With this in mind, the US Securities and Exchange Commission’s (SEC) Cyber Disclosure Rule, released on 26 July 2023, mandates timely and detailed public disclosures about cyber incidents.

Read Post

Tripwire

Read more about What We Know About The SEC's New Cyber Disclosure Rule

CIS Control 11: Data Recovery

Nov 27, 2024 By Matthew Jerzewski In Tripwire

Data loss can be a consequence of a variety of factors from malicious ransomware to hardware failures and even natural disasters. Regardless of the reason for data loss, we need to be able to restore our data. A data recovery plan begins with prioritizing our data, protecting it while it is being stored, and having a plan to recover data.

Read Post

Tripwire

Read more about CIS Control 11: Data Recovery

Netskope Threat Labs Predictions for 2025

Nov 27, 2024 By Netskope Staff In Netskope

Continuing our ongoing series collecting predictions from our many subject-matter experts here at Netskope, we gathered some hot topics and predictions from the Netskope Threat Labs team based on what they are starting to see evolving in the landscape. Here’s what they had to say.

Read Post

Netskope

Read more about Netskope Threat Labs Predictions for 2025

From Assessment to Implementation: Attack Surface Reduction Guide

Nov 27, 2024 By Amit Sheps In IONIX

An attack surface is the sum total of all the various ways that a cyber threat actor could attack an organization. This includes everything from software vulnerabilities, like SQL injection, to lost and stolen devices to social engineering attacks against the organization’s employees or third-party partners. An organization’s overall attack surface can further be divided into its external and internal attack surfaces.

Read Post

IONIX

Read more about From Assessment to Implementation: Attack Surface Reduction Guide

Teleport Terraform Provider on Terraform Cloud

Nov 27, 2024 By Teleport In Teleport

This video walks through how to setup the Teleport Terraform provider for use with HCP Terraform or self-hosted Terraform Enterprise, a new feature in Teleport 17.

View Video

Teleport

Read more about Teleport Terraform Provider on Terraform Cloud

[Podcast] ChattinCyber's Unmasking Cyber Threats: The Rise of Spoofing + Phishing with Gideon Hazam

Nov 27, 2024 By Memcyco In Memcyco

Marc Schein is chattin’ with Memcyco's Gideon Hazam in ChattinCyber's latest episode. The conversation provides valuable insights into the challenges posed by spoofing and phishing attacks, the connection between the two, and the need for robust authentication measures to protect against these threats. The discussion highlights the importance of detecting attacks quickly, identifying at-risk users, and implementing effective protection measures to safeguard organizations and their customers.

View Video

Memcyco

Read more about [Podcast] ChattinCyber's Unmasking Cyber Threats: The Rise of Spoofing + Phishing with Gideon Hazam

Announcing Jit Tags: Track the security posture of your business-critical services

Nov 27, 2024 By Charlie Klein In Jit

Today, we’re thrilled to announce Jit Tags, which organizes security risks across your environment by microservice, application, business unit, and other vectors, while providing a high-level risk overview of each component.

Read Post