Cisco VPN Zero-Day exploited by ransomware gangs (CVE-2023-20269) - Insights and best practices for defense Copy

In the tech security scene, we’re always on the lookout for new vulnerabilities, especially when they are already exploited in the wild. The latest zero-day CVE-2023-20269 is hitting Cisco’s Adaptive Security Appliance VPN features. The attack surface scan conducted by IONIX research on a sample of organizations indicates that 13% of these appliances are potentially vulnerable through at least one interface.

Regulatory Compliance 101: What You Need To Know

To operate legally and ethically, every company, no matter the size or type of organization, must be aware of the laws, regulations, and industry standards that govern them. Though many businesses may view regulatory compliance as a burden, it does not have to be this way. The benefits of following these rules greatly outweigh the consequences. Organizations can ensure the safety and well-being of their employees, customers, and the general public by following these regulations.

The role of automation in mitigating cybersecurity risks

Cyberattacks are on the rise around the globe. Recent data suggest that there are 2,200 cyberattacks every day and that the average cost of a data breach is $9.44 million. Of those cyberattacks, 92% are delivered via email in the form of malware and phishing. In 2022 alone, businesses reported 255 million phishing attacks with an average cost of $4.91 million.

DarkGate Loader Delivered via Microsoft Teams - How It Works, How to Mitigate It and How Forescout Can Help

The threat intelligence data that Forescout Research – Vedere Labs curates comes from the millions of connected devices that we monitor, attacks we observe and dissect in our sandboxes, data relating to attacks that is traded on the Darknet, and from our Adversary Engagement Environment. We see a lot of data. One thing no cybersecurity researcher wants to see, however, is an attack on their own organization.

The Evolution of Security and Identity is Key to Successful Digital Transformation

The Evolution of Security and Identity is Key to Successful Digital Transformation. Not a day goes by when we don’t hear about yet another data breach or sophisticated compromise. As a result, there cannot be a C-Suite executive that is unaware of the cyber threats their organisation faces, either through guidance from their security teams or the constant media reporting of ransomware or data theft as a result of successful cyber-attacks.

5 Key Considerations When Working with a CMMC Partner

While regulations like Cybersecurity Maturity Model Certification (CMMC) 2.0 have expanded in size and scope in the past several years, my experience with CMMC actually dates back to early 2017. At the time, I was working with a client who was a contractor for the U.S. Department of Defense. They were looking to jump into the deep end and start implementing the NIST Cybersecurity Framework, which CMMC is based upon.

10 Dynamic Principles for Crafting a Robust Database Security Strategy

The digital world relies on data, which because of its considerable value, is constantly targeted by skilled cybercriminals who have spent years developing methods and tools to gain access to even the most secure databases. Never mind those databases whose owners only pay lip service to security. Traditional security approaches that focus on network perimeters are no longer sufficient in today's evolving threat landscape.

Email Continuity for Microsoft 365

The Importance of Email Continuity Email is the lifeblood of many organizations. It serves as a primary channel for communication, document sharing, scheduling, and collaboration. When email services experience downtime due to various reasons such as server issues, maintenance, or cyberattacks, businesses can face significant challenges: Microsoft 365: A Powerful Email Solution Microsoft 365 offers a robust and feature-rich email service through Exchange Online.

Introducing DataTrails provenance automation for Dropbox files

We are thrilled to announce a new integration with Dropbox that enables verifiable provenance metadata to be automatically created for content you store and manage on Dropbox. With the onset of generative AI and the increasing threats of fake data and fraud, the ability to prove ownership of your content and protect it from misuse is more urgent now than ever.

Auto-resolve Incidents When Valid Secrets Are Revoked With GitGuardian Playbooks

Many teams choose to mark incidents as resolved once the secret involved has been revoked or rotated. With the GitGuardian auto-resolution playbook, you can automate the remediation process, saving you a step any time a credential becomes invalid. This works for both real-time detection and all historical incidents whenever an incident is re-checked for validity.