In today’s world, speed wins. Just take Amazon for example. You can place an order with the click of a button and have it delivered to your door in under twenty-four hours. Retailers that can’t compete with Amazon’s speed are falling behind. The same level of speed and efficiency is expected with technology. Companies are in a race to deliver new and innovative technology first. But aside from speed, companies are also concerned about the security of their software.

Port scanning is the critical element of any cyber risk assessment conducted under infrastructure security or network security domains. It helps to identify all the exposed services on a system or network. Presence of open ports doesn’t indicates importance from attack perspective only; they are equally vital from a defensive front.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Have to say, this article topped my list of cool vulnerabilities this week, nay, a few months I think.

Most of the time, threat actors in the cybersecurity landscape don’t employ advanced techniques and tools to intrude and establish a foothold within networks. Often, they disguise malicious operations by mimicking the activities of legitimate users, leaving behind little to no footprint. Blending malicious actions with day-to-day IT activities helps attackers maintain a low profile and remain undetected for a longer period.

Most security breaches are the result of one thing: sloppy password practices. Too many people make the mistake of choosing weak passwords, or reusing passwords that they have used elsewhere on the internet – making life too easy for malicious hackers trying to gain unauthorised access.

At Nightfall, we believe in the power of learning from those who have done it before. That’s why we created CISO Insider — a podcast interview series that features CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations.

The question of cybersecurity certifications comes up very frequently on discussion boards. What is the best certificate to get? Is a college degree better for getting a cybersecurity role? What education or skills are needed for various cybersecurity roles? And many, many more. In this post, I'll try to clarify some of these questions and more.