In quick succession in December, The Apache Software Foundation released information on two critical vulnerabilities in its Log4j Java-based library. The first vulnerability CVE-2021-44228, also known as Log4Shell or LogJam, was reported as an unauthenticated remote code execution (RCE) vulnerability. By exploiting how the library logs error messages, it could lead to a complete system takeover.

The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks.

When it comes to cybersecurity governance and management, there is no “one size fits all” approach. Today’s CISOs have a far wider range of responsibilities than their predecessors as heads of IT security. The CISO role is no longer purely technical, focused on hardware and endpoint protection and on operations within the organisational perimeter. Today’s CISO is as likely to be involved with software security, cloud applications, security awareness, and user training.

On Nov. 24th 2021 a severe security vulnerability, called “Log4Shell”, has been reported in the JAVA framework “Log4J” 2.x which is widely used for event logging in JAVA applications worldwide. The vulnerability allows cyber-attackers to execute arbitrary code by injecting it into a logging process implemented in Log4J. The “Log4Shell” vulnerability allows complete server takeover by the attackers.

Right now, cybersecurity is more important than ever. Major changes to how we work and live — like the pivot to remote work or the growing use of IoT (internet of things) devices — have created new cybersecurity vulnerabilities and challenges. Businesses will need new strategies to respond to the changing cybersecurity threat landscape. These cybersecurity trends are likely to show where the field is moving in 2022 and how businesses should prepare.

Microsoft Teams has exploded in popularity in recent years, going from 2 million users in 2017 to roughly 250 million today. That growth is due in no small part to the disruptions caused by the global pandemic, with employees working from home and still needing to collaborate.

Endpoint data loss prevention (DLP) discovers, classifies, and protects sensitive data – like PII, credit card numbers, and secrets – that proliferates onto endpoint devices, like your computer or EC2 machines. This is a way to help keep data safe, so that you can detect and stop occurrences of data exfiltration. Our endpoint DLP application will be composed of two core services that will run locally.