Fireblocks has expanded its exchange connectivity with new support for Coinbase International Exchange to provide perpetual futures and spot trading features for institutional and retail clients in eligible jurisdictions. Fireblocks customers can now connect to their Coinbase International Exchange account via the Fireblocks Network, and protect exchange operations – such as withdrawals and deposits – with Fireblocks’ governance and policy rules.

This blog is part of the ongoing “I&O Perspectives” series, which features insights from industry experts about the impact of current threats, networking, and other cybersecurity trends.

Operational Technology (OT) is the backbone of our modern world as we know it today. Think about the daily operations of a factory, the precise control of our power grids, and even the supply of clean water to our homes. All of these modern capabilities are made possible and efficient due to OT systems.

In a recent Fortune article, Amazon’s chief security officer, Steve Schmidt, suggests 6 questions every company's board should ask its CISOs to understand how robust their cybersecurity preparation is. One of the most challenging questions for CISOs was: “Who has access to what data? Why do they need it, and for how long?” This question is critical because cyberattacks often begin with weak, leaked, or stolen passwords.

‍ ‍ ‍Private equity (PE) firms are becoming increasingly attractive targets for cybercriminals. Malicious actors are keen to capitalize on the ecosystem's access to an incredibly extensive and diverse array of sensitive data, particularly susceptible during and after M&As, as well as the notoriously low cybersecurity measures in place among the smaller businesses that some PE firms chose to hold.

On June 7, 2024, a new critical PHP vulnerability CVE-2024-4577 was revealed, mainly impacting XAMPP on Windows. It happens when PHP runs in CGI mode with specific language settings, like Chinese or Japanese. The problem comes from how PHP handles certain characters, allowing attackers to inject code through web requests and take control of servers. This vulnerability, if exploited, could lead to the execution of arbitrary code, a scenario with severe consequences for system integrity and data security.

In a startling cybersecurity development, an anonymous threat actor has posted what they claim to be 270GB of source code stolen from the New York Times on a popular imageboard website. This incident, reported on Friday, suggests the leak contains "basically all source code" from the publisher.

The response in September 2023 by the Australian government outlined reforms to the existing Privacy Act 1988 from the Office of the Australian Information Commissioner (OAIC). These reforms aim to bring Australian privacy laws up to date with the digital age and give citizens more control over their personal information which may affect your businesses starting in 2024.

On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Officially designated as CVE-2024-29849, the vulnerability presents a major threat with a CVSS V3 rating of 9.8 (critical). VBEM is a web-based platform that allows administrators to oversee Veeam Backup and Replication installations through a web interface console.

At AWS re:Inforce 2024, CrowdStrike is announcing expanded AWS support to provide breach protection, enhanced visibility and faster response across your cloud environment. Let’s explore three cutting-edge CrowdStrike Falcon Cloud Security and CrowdStrike Falcon Next-Gen SIEM features that are changing the way organizations manage security risks.