When it comes to cybersecurity governance, 2023 stood out as one of the most eventful in a very long time. With everything from the enactment of stronger new cybersecurity regulations around incident disclosure from the Securities and Exchange Commission (SEC) to significant changes afoot for financial and cloud services providers operating within the European Union, many companies worldwide will be called to adjust to a new normal in 2024.

Apache Log4j 2, a Java-based logging library, was affected by a zero-day vulnerability on December 9, 2021. The vulnerability, known as Log4Shell and identified by the National Institute of Standards and Technology (NIST) as CVE-2021-44228, allows cybercriminals to take control of vulnerable systems and servers. Many web applications, open-source cloud platforms, and service providers utilize Log4j.

First, let me say happy new year! The holiday season has come and gone—seemingly overnight—and just like that, 2024 is well underway. At SafeBreach, we are eagerly looking to the new year and all that it will bring, including new goals and new opportunities to empower customers with greater visibility into the efficacy of their security tools and programs.

Vulnerability management is a critical aspect of vendor risk management (VRM). Organizations prioritizing third-party vulnerability management can mitigate third-party risk, ensure regulatory compliance, protect sensitive data, and maintain business continuity.

Navigating the regulatory standards within Non-Banking Financial Companies (NBFCs) demands a nuanced understanding of the evolving landscape shaped by the Reserve Bank of India (RBI) and other regulatory bodies. These standards serve as pillars for upholding the stability and transparency of the financial industry. Over recent years, this sector has witnessed a transformative journey in regulatory frameworks, reflecting the dynamic nature of finance.

Phishing isn’t anything new. It’s been a tried and true threat for nearly 30 years. Its age, however, doesn’t diminish its seriousness.

This week, 2024, started with destructive numbers. Transformative Healthcare was featured early on; their breach happened in February 2023 and may impact over 900k people, including patients and former FAS employees. Bunker Hill Community College announced updates to their 2023 incident, where assailants released ransomware and stole an estimated 195k records.

Yes, passkeys are phishing-resistant because they are built on the WebAuthn standard which is an authentication standard that uses public key cryptography to authenticate a user’s identity before they’re able to log in to their account. Continue reading to learn more about what makes passkeys phishing-resistant, plus the additional benefits of signing in to your accounts with passkeys over passwords.

The North Kansas City Hospital (NKCH) is just north of the Missouri River in North Kansas City, Missouri. The hospital boasts a considerable campus with 450 beds and over 100 more physicians. They provide nearly 50 medical specialties, including cancer, oncology, cardiology, women’s, and emergency care programs. The facility has served patients in the area for over 60 years; however, their recent breach may cause patients to receive care elsewhere.