Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CISA added CVE-2023-24489 to the Known Exploited Vulnerabilities Catalog in August 2023. CVE-2023-24489 is an access control vulnerability impacting the use of Citrix ShareFile StorageZones Controller version 5.11.24 and below. Citrix ShareFile is a real-time collaboration platform. While ShareFile primarily offers a cloud-based file-sharing application, there are some features that accommodate data storage through the use of a storage zone controller.

M&T Bank was established in 1856 and is one of the largest banks in the US. It is based in Buffalo, New York, and currently has over 1,000 branches in 12 separate states. The bank houses data for hundreds of thousands of individuals, and some of that information may be at risk because of a recent breach. Learn all about the 2023 M&T Bank data breach below.

At Tines we drink our own champagne. The tines@tines blog series is a testament to the unique ways we’ve leveraged Tines to accelerate our own processes. As the title implies, this post is about how we built a self-service free trial process using Tines.

In my previous blog post, I looked at how software supply chain attacks work and what you can do to assess and analyze your security posture. Now, let’s figure out how to use the resultant information to harden your software supply chain against threats.

We recently discussed the new SEC rule requiring all registered companies to report material cyber incidents within four (4) days.

As technology advances and the use of biometric data becomes more prevalent, it is crucial to address the privacy concerns and regulatory compliance associated with this sensitive data. The General Data Protection Regulation (GDPR) plays a key role in safeguarding individuals’ privacy rights and ensuring the responsible handling of biometric data. Artificial Intelligence (AI) can also be utilized to ensure compliance and responsible handling of biometric data.

As the threat landscape evolves, so must the methods and tools to safeguard critical digital assets. Vulnerability management programs that were once considered the gold standard are starting to show limitations in their ability to address complex cyber risks.

Cyber threats do not always come from outside an organization. Insiders, including current and former employees, contractors and other business partners with authorized access to your network, systems or data can pose significant risk, damage your reputation or even cause financial losses and business disruption. Insider threat incidents are on the rise and organizations affected by them spend on average $15.4 million on mitigation efforts.

Kroll’s findings for Q2 2023 reveal a notable shift toward increased supply chain risk, driven not only by the CLOP ransomware gang’s exploitation of the MOVEit transfer vulnerability, but by a rise in email compromise attacks. This and other key security trends are shaping a threat landscape in which diverse cyber threats are present.

Discover how GitGuardian's new Infra as Code Security capabilities empower cloud engineers and security professionals to detect, manage, and resolve IaC vulnerabilities precisely.