Today organizations have been able to recognize over the years the benefits of implementing a Cloud-based SIEM Service in terms of scalability, cost, and security. However, before operating in the cloud, you should know what architecture you need to adopt to protect your business and your customers’ data. Intending to help you implement a cost-effective SaaS SIEM Service, we share the advantages of multi-tenant over a single-tenant cloud architecture.

There is a new trope in the security industry, and it goes something like this: To keep yourself safe, you need an AI-powered solution that can act on its own, and to do that, you need to keep those pesky humans away from it. As a practitioner with a track record of bringing AI to cybersecurity — not because marchitecture demands it these days but because of its actual utility to solve security problems — I find this characterization puzzling.

On Wednesday, April 6, 2022, VMware disclosed several critical-severity vulnerabilities impacting multiple VMware products. If successfully exploited, the vulnerabilities could lead to Remote Code Execution (RCE) or Authentication Bypass. In addition to the critical severity vulnerabilities, VMware disclosed several high and medium severity vulnerabilities, which could lead to Cross Site Request Forgery (CSRF), Local Privilege Escalation (LPE), or Information Disclosure.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Oh come on, hard coded password? Really?

It’s almost that time of the year to file taxes in Portugal, so John opens the email he received asking him to submit his taxes. It’s from a bank he trusts, so he follows the instructions in the email and proceeds to download the attached PDF. Little did he know that when he clicked the links in the email body, the Lampion trojan was downloaded from an online server.

From restaurant menus to sporting tickets, using a QR code has become a regular part of life for many. They’ve been widely used in some countries for years, and during the pandemic they finally hit mass adoption in North America and the UK.

One would be hard pressed to find anyone working today in the cybersecurity world that has not yet heard of Lapsus$, an emerging cyber-crime group with big claims of breaching the likes of high-profile companies Microsoft, Samsung, NVIDIA, and Okta amongst others.

A new report, which surveyed 1200 IT security professionals in 17 countries around the world, has shone a light on a dramatic rise in the number of organisations willing to pay ransoms to extortionists. The ninth annual Cyberthreat Defense Report (CDR), produced by CyberEdge Group, shows that not only has there been a substantial increase in the percentage of companies that pay ransoms, but the average size of ransomware payments also increased significantly.