Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Addressing Common Vulnerabilities and Exposures, known as CVE patching, is a practice of applying updates to software (patching) to address security vulnerabilities. CVE patching is your shield against the threat of malicious actors exploiting such weaknesses and is of crucial importance for every organization’s cybersecurity. This post will cover the basics of CVE patching: the roles and stakeholders, the step-by-step process, and common mistakes to avoid.

Last week, Michael Bargury and the team at Zenity published a video summarizing 6 vulnerabilities that are found in Microsoft Copilot Studio. The video highlights, in sequence, a myriad of ways that business users can create their own AI Copilots that are risky, why they are risky, and how they can be easily exploited. While I highly recommend checking out the video, this blog sets out to provide a look at why these vulnerabilities matter, and what considerations should be taken to mitigate them.

Staying ahead of threats requires not only innovation but also strategic partnerships and continual learning. Over the recent past, our journey has been marked by significant achievements, showcasing our commitment to excellence and collaboration within the industry.

When shopping online, you want to feel 100% sure that the service you are handing over your details is safe and secure. One of the most popular payment methods for online shopaholics is PayPal. However, is PayPal safe, and how secure is it when checking out online? Throughout this article, we will discover 15 of the most common PayPal scams and online fraud scams to watch out for and how to avoid them.

Cyber threat intelligence is gaining popularity in today's digital landscape, as organizations face many security threats that can compromise their sensitive data and disrupt their operations. To effectively reduce these risks and further advance threat detection, many companies are turning to Managed Security Service Providers (MSSPs) for unified security solutions. In this blog post, we will explain why companies choose MSSPs and the advantages of MSSPs for unified security.

A policy, by definition, is a statement of management intent that is mandatory for an organization. A security policy, obviously, focuses on the security of information assets.

There is every reason to believe that 2024 may be an interesting year in the cybersecurity space, making it difficult to foresee what might transpire. However, Trustwave's leadership is up to the task. There are several issues that Trustwave already knows will be at the core of many challenges that the world will have to face next year.

For the past 12 years in Austin, TX, the last week of October has been reserved for the Lonestar Application Security Conference (LASCON). Unequivocally, LASCON is the best cybersecurity conference you have never heard of! LASCON is the annual confab of the Austin, TX OWASP (the Open Worldwide Application Security Project) chapter. OWASP is a volunteer organization that is a treasure trove of application security information with things such as standards, discussion groups, documentation, and more.

Midstride in this year’s holiday shopping, it’s important to realize just how many websites exist that impersonate legitimate online retailers. More importantly, your users need to know how to spot these types of attacks before falling victim.

Researchers at Bitdefender warn that scammers are tricking victims with fake remote job opportunities. In this case, the scammers tell victims that they’ll get paid for liking YouTube videos. Notably, the scammers send the victims a small amount of money (around six dollars) to gain their trust. After this, the victim is invited to a Telegram channel, where the scammer offers to give them much higher-paying tasks if they pay an entry fee of between $21 and $1,083.