%term

Enhancing your Clean Room with Rubrik Security Cloud and Cyber Recovery

Jun 26, 2024 By Joshua Stenhouse In Rubrik

Properly architecting and designing solutions for clean room recovery is a crucial step for any organization looking to become more resilient to cyber threats. Clean rooms provide organizations with an isolated environment where data integrity and recovery processes are insulated from external threats. By providing a clean room environment, organizations can expedite security investigations and recovery timelines in the event of a cyber attack.

Read Post

Rubrik

Read more about Enhancing your Clean Room with Rubrik Security Cloud and Cyber Recovery

Configuring RADIUS | JumpCloud University Tutorial (2024)

Jun 26, 2024 By JumpCloud In JumpCloud

In this tutorial, you'll see how to configure JumpCloud's Cloud RADIUS for your organization, Wireless or VPN networks. JumpCloud's Cloud RADIUS allows you to use either JumpCloud or Azure AD as your identity provider. Cloud RADIUS also supports Certificate Based Authentication, allowing you to bring your own certificates for Passwordless authentication. To discover more resources checkout JumpCloud University where you’ll find courses, tutorial videos, engaging guided simulations, and end user content.

View Video

JumpCloud

Read more about Configuring RADIUS | JumpCloud University Tutorial (2024)

Polyfill supply chain attack embeds malware in JavaScript CDN assets

Jun 26, 2024 By Liran Tal In Snyk

On June 25, 2024, the Sansec security research and malware team announced that a popular JavaScript polyfill project had been taken over by a foreign actor identified as a Chinese-originated company, embedding malicious code in JavaScript assets fetched from their CDN source at: cdn.polyfill.io. Sansec claims more than 100,000 websites were impacted due to this polyfill attack, including publicly traded companies such as Intuit and others.

Read Post

Snyk

Read more about Polyfill supply chain attack embeds malware in JavaScript CDN assets

Rubrik Wins Microsoft Healthcare and Life Sciences Partner of the Year

Jun 26, 2024 By Mike Tornincasa In Rubrik

Have you ever wondered what it takes to ensure that the data behind every life-saving surgery, every critical care decision, and every patient record is not only secure but also instantly recoverable in the face of cyber threats? In the world of healthcare, where every second can mean the difference between life and death, this isn't just a technical challenge - it's a mission.

Read Post

Rubrik

Read more about Rubrik Wins Microsoft Healthcare and Life Sciences Partner of the Year

Ransomware, Supply Chain & Tech Threats Explode - 2024 Trustwave SpiderLabs Report

Jun 26, 2024 By Trustwave In Trustwave

Trustwave SpiderLabs, in its just-released report 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies, has uncovered an increasing number of ransomware, third-party supplier, and technology-based attacks targeting the professional services sector.

Read Post

Trustwave

Read more about Ransomware, Supply Chain & Tech Threats Explode - 2024 Trustwave SpiderLabs Report

Dependency Management vs Dependency Updates: What's the Difference?

Jun 26, 2024 By AJ Starita In Mend

It’s not uncommon to hear people refer to updating dependencies as “dependency management”. They’re not wrong; keeping dependencies up to date is a big part of dependency management, but it’s not everything. Read on to learn more about the differences between the two.

Read Post

Mend

Read more about Dependency Management vs Dependency Updates: What's the Difference?

Breaking down BEC: Why Business Email Compromise is More Popular Than Ever

Jun 26, 2024 By Mark Manglicmot In Arctic Wolf

Cybersecurity moves fast, and the latest threats to reach organizations worldwide are being built on the back of artificial intelligence (AI) models that spit out accurate code, realistic messages, and lifelike audio and video designed to fool people. But as headline-grabbing as AI-based attacks appear to be, they aren’t driving the most breaches globally. That would be BEC attacks, in which attackers leverage stolen access to a business email account to create a scam that results in financial gain.

Read Post

Arctic Wolf

Read more about Breaking down BEC: Why Business Email Compromise is More Popular Than Ever

Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security

Jun 26, 2024 By Cody Queen In CrowdStrike

We’re thrilled to share that the CrowdStrike Falcon sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes deeper into the integration and shares how customers leveraging Google Cloud Run and CrowdStrike can deploy Falcon quickly to enhance their serverless security requirements.

Read Post

CrowdStrike

Read more about Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security

Veracode's Application Risk Management Platform

Jun 26, 2024 By Veracode In Veracode

Build and scale secure software from code to cloud with speed and trust. Veracode’s Platform allows you to start fast and scale, enable real-time flaw remediation, and gain actionable visibility into your application risk.

View Video

Veracode

Read more about Veracode's Application Risk Management Platform

CVE-2024-5805 & CVE-2024-5806: Authentication Bypass Vulnerabilities in Progress MOVEit Transfer and MOVEit Gateway

Jun 26, 2024 By Andres Ramos In Arctic Wolf

On June 25, 2024, Progress disclosed two vulnerabilities affecting MOVEit Transfer and MOVEit Gateway: CVE-2024-5805: A critical severity authentication bypass vulnerability affecting MOVEit Gateway (SFTP module). MOVEit Gateway is a proxy for MOVEit Transfer, designed to securely handle inbound connections when deployed behind a firewall.

Read Post