%term

Understanding SOX Requirements for IT and Cybersecurity Auditors

Oct 30, 2024 By John Salmi In Tripwire

The Sarbanes-Oxley Act (SOX) is a United States federal law that aims to enhance corporate transparency and accountability. Signed into law on July 30th, 2002, the Act came in response to a slew of major corporate accounting scandals, including those involving Enron and WorldCom, that came to light in the early 2000s. Its primary aim is to enhance corporate transparency and accountability, ensuring companies adhere to strict financial reporting standards and maintain effective internal controls.

Read Post

Tripwire

Read more about Understanding SOX Requirements for IT and Cybersecurity Auditors

CVE-2024-50388: Critical OS Command Injection Vulnerability in QNAP HBS 3 Hybrid Backup Sync

Oct 30, 2024 By Andres Ramos In Arctic Wolf

On October 29, 2024, QNAP issued a security advisory regarding a critical OS command injection vulnerability, tracked as CVE-2024-50388. Discovered by researchers at the Pwn2Own conference, this vulnerability affects HBS 3 Hybrid Backup Sync, a backup and disaster recovery solution used by organizations for secure data protection across multiple locations. The flaw allows remote attackers to execute arbitrary commands.

Read Post

Arctic Wolf

Read more about CVE-2024-50388: Critical OS Command Injection Vulnerability in QNAP HBS 3 Hybrid Backup Sync

Top 8 Cyberstalking Myths That Could Put You at Risk

Oct 30, 2024 By The Cyber Helpline In The Cyber Helpline

In our recent webinar, "Myth-Busting Cyberstalking," hosted by The Cyber Helpline and Paladin, we tackled common misconceptions about stalking. Misunderstandings around stalking can put victims at risk, so our goal was to debunk harmful myths and provide guidance on handling such situations safely. Here’s a rundown of the eight myths we covered, along with insights from our panel of experts.

Read Post

The Cyber Helpline

Read more about Top 8 Cyberstalking Myths That Could Put You at Risk

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale

Oct 30, 2024 By Trustwave In Trustwave

The booming e-commerce industry, with its projected $5 trillion in sales by 2025, has become a prime target for cybercriminals, a fact highlighted in the new Trustwave SpiderLabs report, Retail Sector Deep Dive: Rise of E-Commerce Threats.

Read Post

Trustwave

Read more about E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale

SAML vs OAuth Comparison: Similarities & Differences

Oct 30, 2024 By Kent Tuominen In Netwrix

SAML (Security Assertion Markup Language) and OAuth (Open Authorization) are two of the most common user authentication and authorization protocols. Both of them help manage identity and access using tokens, but they serve different purposes and operate in different contexts. This blog explains the key similarities and differences between SAML and OAuth and the specific use cases where they are most commonly employed.

Read Post

Netwrix

Read more about SAML vs OAuth Comparison: Similarities & Differences

How to Mitigate the Latest API Vulnerability in FortiManager

Oct 30, 2024 By Wallarm In Wallarm

Recently, a critical API vulnerability in FortiManager (CVE-2024-47575) was disclosed. Certain threat actors exploited it in the wild to steal sensitive information containing configurations, IP addresses, and credentials used by managed devices. In advanced notification emails, Fortinet warned its users of the vulnerability and mitigation steps. The vulnerability has a critical severity rating of 9.8 out of 10.

Read Post

Wallarm

Read more about How to Mitigate the Latest API Vulnerability in FortiManager

CrowdStrike Falcon Platform Supports Google Cloud's ARM-Based Axion CPUs

Oct 30, 2024 By Karishma Asthana In CrowdStrike

CrowdStrike is proud to announce cloud security support for Google Cloud’s first custom ARM-based processor, Axion, delivered by the unified, cloud-native CrowdStrike Falcon platform. This extends industry-leading protection to our customers with extensive coverage for Google Cloud environments. We are excited to collaborate with Google Cloud, which today unveils its new C4A Virtual Machines.

Read Post

CrowdStrike

Read more about CrowdStrike Falcon Platform Supports Google Cloud's ARM-Based Axion CPUs

The effectiveness of AiSDR: fast response, high conversion and customer engagement

Oct 30, 2024 By SecuritySenses In SecuritySenses

Today's businesses strive to continuously improve customer interactions to achieve higher conversion rates, faster response times, and expand their customer base. One of the leaders in applying artificial intelligence to sales and marketing is AiSDR. Their solutions automate key business processes, dramatically speeding up response times, improving sales efficiency, and reaching wider audiences. In this text, let's look at exactly how these factors impact the success of companies utilizing AiSDR solutions..

Read Post

SecuritySenses

Read more about The effectiveness of AiSDR: fast response, high conversion and customer engagement

Best Practices for Protecting Drone Data in Commercial Applications

Oct 30, 2024 By SecuritySenses In SecuritySenses

Hey there, tech enthusiasts and masters of the skies! With the soaring ascent of drones in commercial applications, it's not just about nailing the perfect aerial shot anymore-it's also about locking down that precious data. Drones are busy bees, collecting loads of info that need protection just as much as any ground-based data trove. We've all heard the horror stories of data breaches resulting in hefty fines and reputational damage. That's why I'm here to guide you through the labyrinth of drone data security, helping your business keep its digital treasures under a virtual lock and key.

Read Post

SecuritySenses

Read more about Best Practices for Protecting Drone Data in Commercial Applications

How to Create a Data Loss Prevention Policy: A Step-by-Step Guide

Oct 29, 2024 By Rom Carmel In Apono

With an average of more than 5 data breaches globally a day, it’s clear companies need a way to prevent data loss. This is where a data loss prevention policy comes into play. A data loss prevention policy serves as a crucial safeguard against unauthorized access, data breaches, and compliance violations. This comprehensive framework outlines strategies and procedures to identify, monitor, and protect valuable data assets across an organization’s network, endpoints, and cloud environments.

Read Post