%term

Critical Capabilities for Mobile Vulnerability Management

Jan 29, 2022 By Lookout In Lookout

As organizations enable employees to work remotely, mobile devices and wireless networks will be key tools for maintaining communication and remaining productive. Allowing employees to work productively from any device and any location can open users to the risks that come with the shared nature of a mobile device. When your employees work from a personal device with access to corporate data, the device's health must be taken into account. It must be assessed for compliance with corporate security and risk policies.

View Video

Lookout

Read more about Critical Capabilities for Mobile Vulnerability Management

How a Dark Web Monitoring Can Save Your Organization

Jan 29, 2022 By giusel In UTMStack

Organizations often have their confidential information illicitly for sale on the darknets, but they don’t know it. Statistically, over 75% of compromised credentials are reported to the victim organization by law enforcement when it has become too late. That’s why dark web monitoring tools providers are the appropriate solution to help you know on time when your credentials are stolen and exposed on the dark web.

Read Post

UTMStack

Read more about How a Dark Web Monitoring Can Save Your Organization

A CMMC Compliance Checklist

Jan 29, 2022 By giusel In UTMStack

The Cybersecurity Maturity Model Certification (CMMC) is a well-known framework for assessing the maturity of an organization’s cybersecurity. It’s designed to help organizations improve their cybersecurity by raising awareness about best practices and implementing a roadmap.

Read Post

UTMStack

Read more about A CMMC Compliance Checklist

Analyzing the PwnKit local privilege escalation exploit

Jan 29, 2022 By Kyle Suero, Matt Jarvis In Snyk

What do Linux vulnerabilities and natural disasters have in common? Something seemingly dormant can suddenly spring to life, exposing activity beneath the surface. Several days ago, a security researcher published a high-severity vulnerability named PwnKit that impacts most major Linux distributions. The scary part? It’s existed since May of 2009. Polkit is a component for controlling privileges in Unix-like operating systems and is included by default on most major Linux distributions.

Read Post

Snyk

Read more about Analyzing the PwnKit local privilege escalation exploit

The PwnKit vulnerability: Overview, detection, and remediation

Jan 28, 2022 By Zack Allen In Datadog

On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. The same day of the announcement, a proof of concept (PoC) exploit was built and published by the security research community.

Read Post

Datadog

Read more about The PwnKit vulnerability: Overview, detection, and remediation

Experts offer advice for Data Protection and Privacy Day 2022

Jan 28, 2022 By SecuritySenses In SecuritySenses

Data Protection Day as it's marked across Europe, or Data Privacy Day, internationally, is an annual marker in a very challenging cybersecurity challenging calendar. Consumer data is regularly stolen, and enterprises and public sector organisations are often in the headlines because of incessant attacks from cybercriminals as well as from accidental privacy misadventures.

Read Post

SecuritySenses

Read more about Experts offer advice for Data Protection and Privacy Day 2022

Five worthy reads: Into the metaverse

Jan 28, 2022 By ManageEngine In ManageEngine

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we will explore the concept of the metaverse and what it holds for the future of technology and user experience. Illustration by Dorathe Victor When Facebook changed its name to Meta in September 2021, a new buzzword took over the tech world: the metaverse.

Read Post

ManageEngine

Read more about Five worthy reads: Into the metaverse

CMMC Town Hall With Matt Travis - CEO, CMMC-AB | 1/12/22 | NeoSystems

Jan 28, 2022 By NeoSystems In NeoSystems

NeoSystems CMMC Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly CMMC Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, how to prepare for CMMC certification, and the latest updates from the CMMC AB.

View Video

NeoSystems

Read more about CMMC Town Hall With Matt Travis - CEO, CMMC-AB | 1/12/22 | NeoSystems

What a Modern Privileged Access Management (PAM) Solution for Cloud-Native Applications Looks Like

Jan 28, 2022 By Sakshyam Shah In Teleport

Privileged Access Management (PAM) is a go-to solution to prevent privilege misuse and insider threats, and limit malware propagation. After all, properly protecting and monitoring the keys to the kingdom is always a good practice. Privileged Access Management has been even more critical in recent times. With the advent of the cloud where infrastructure is provisioned with a single API call and authenticated with a single API key, the risk of someone misusing these credentials is far higher.

Read Post

Teleport

Read more about What a Modern Privileged Access Management (PAM) Solution for Cloud-Native Applications Looks Like

Weekly Cyber Security News 28/01/2022

Jan 28, 2022 By Kevin In ionCube24

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Last week’s attack on Crypto.com did in fact lead to lost currency….

Read Post