For ensuring compliance in your business practises, it is worth noting that it is just as common (if not more common) for bad actors to target small businesses and small-to-medium-sized enterprises (SMEs). A website can easily get hacked, an email account can be compromised, and sensitive information may even be stolen by employees. These are just a few common examples of how data can be breached.

The Health Insurance Portability and Accountability Act (HIPAA) is U.S. legislation that sets national privacy and security standards to protect the privacy of patient health information and prevent data breaches. In addition to doctors, hospitals, other healthcare providers, health insurance companies and “business associates” of healthcare organizations fall under HIPAA regulations.

Audit Policy: Object Access: SAM is a setting in the Windows operating system that controls the auditing of security events related to access to the Security Accounts Manager (SAM) database. The SAM database is used to store user account information, including login credentials, on a Windows system. When the setting is enabled, the system will generate an audit event in the security log of the event viewer every time an attempt is made to access the SAM database.

Has your organization suddenly been attacked by a ransomware virus? Take a deep breath and try to remain composed. It can be easy to panic or become overwhelmed in the face of an attack, but it is vital to remain calm and focused in order to make the best decisions for your organization.

The JFrog Security Research team is constantly looking for new and previously unknown vulnerabilities and security issues in popular open-source projects to help improve their security posture and defend the wider software supply chain.

Do ransomware gangs actually have a heart? Perhaps... Just days before Christmas, on the night of Sunday 18 December 2022, Canada's Hospital for Sick Children (better known as SickKids) was hit by a ransomware attack. The Toronto-based teaching and research hospital reported that the attack had impacted its internal systems, phone lines, and website.

The California Privacy Rights Act (CPRA) is a privacy law that was passed in California in 2020. It strengthens the security standards of the California Consumer Privacy Act (CCPA), making California's consumer privacy laws more aligned with the General Data Protection Regulation (GDPR). The CCPA gives California residents the right to know what personal data is being collected by companies and whether it will be sold or disclosed to other parties.

Attack surface management (ASM) and vulnerability management (VM) are often confused, but they’re not the same. The primary difference between the two is scope: Attack surface management and external attack surface management (EASM) assume that a company has many unknown assets and therefore begin with discovery. Vulnerability management, on the other hand, operates on the list of known assets.