Threat modeling is the process of mapping security weaknesses in a system and prioritizing how to respond to them. In this in-depth article, we will.

On Thursday, February 8th, the Fortinet Product Security Incident Response Team released an advisory (FG-IR-24-015) notifying of an out-of-bound write vulnerability in their SSL VPN tracked as CVE-2024-21762. The vulnerability “may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests”.

Uncover the startling surge in cyber threats from our Avast Q4/2023 Threat Report. Over 10 billion attacks last year reveal the critical need to pay attention.

On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow a malicious attacker to generate malicious versions of AnyDesk software with compromised code that appears to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.

Software developers face a constant barrage of cyber threats that can compromise their applications, data, and the security of their organizations. In 2023, the cyber threat intelligence (CTI) market is worth approximately $11.6 billion, and it’s projected to surpass $21 billion by 2027. Why?

Threat intelligence management is an essential component of any modern cybersecurity strategy. With cyber attacks becoming more sophisticated and frequent, it’s more important than ever to have the right tools and tactics in place to identify and prevent threats. A threat intelligence platform (TIP) can be a powerful tool in this fight, providing real-time insights and actionable intelligence to help organizations stay ahead of the game.

Brace for impact—CISOs and IT professionals are gearing up for what promises to be an intense year in cybersecurity. Cybercriminals are readying themselves with increasingly cunning tactics against unsuspecting organizations and users. From leveraging artificial intelligence in creating bespoke malware to launching impressively uncanny spoofed sites, the risks are becoming increasingly intricate and difficult to predict.

Today’s modern supply chains can be large and complex, involving many suppliers doing many different things. As digital transformation initiatives have accelerated, the ecosystem of suppliers has exploded. Effectively securing the supply chain is hard because vulnerabilities can be inherent, or introduced and exploited, at any point in the supply chain. Unfortunately, a compromised software supply chain can cause significant damage and disruption.