Mitel’s MiCollab Unified Communications solutions are widely used by businesses to streamline communications. However, two critical vulnerabilities, CVE-2024-35286 and CVE-2024-41713, have been identified across several versions of Mitel MiCollab. CVE-2024-35286 has been identified in versions 9.8.0.33 and earlier and CVE-2024-41713 has been identified in versions 9.8 SP1 FP2 (9.8.1.201) and earlier.

In August 2022, LastPass suffered a data breach with escalating impact, ultimately resulting in a mass user exodus toward alternative password manager solutions. This post provides an overview of the timeline of events during the LastPass cyber attack and critical lessons to help you avoid suffering a similar fate. Learn how UpGuard streamlines Vendor Risk Management >

External attack surface management (EASM) is the continuous exercise of managing cybersecurity risks associated with an organization’s external-facing digital assets. The process includes monitoring, identifying, reducing, and mitigating risks present across an organization’s external attack surface.

Each year, we revisit our risk rating system to ensure it best reflects the needs of security practitioners safeguarding their organizations and supply chains. For our recentupdate, we’ve made two closely related changes: we’ve recategorized some of our existing findings to make an organization’s risk profile more understandable and recalibrated our scoring algorithm to more clearly illustrate the impact of specific risks.

Humans are often regarded as the weakest link in a cybersecurity program. Whether resulting from manipulative cybersecurity tactics or limited cybersecurity awareness, human errors remain the most prevalent attack vectors in every information security program, no matter how sophisticated your cybersecurity stack may be.

Attack surface management (ASM) is becoming a vital tool for any organization that utilizes digital assets or is undergoing digital transformation. Whether it’s web applications, IoT devices, or endpoint entry points, every digital asset escalates an attack surface in complexity and size.

The rapid expansion of the digital landscape adds increasing complexity to cybersecurity, especially for enterprises that could have up to 100,000 vendors in their supply chain. Addressing these challenges requires implementing an Attack Surface Management (ASM) strategy tailored to enterprise businesses' unique risk profiles. This post outlines the importance of ASM for enterprises and offers a strategy for ensuring its effective implementation.

To compete in an era of dynamic, multimodal cyberattacks, cybersecurity programs must become multidimensional, capable of simultaneously contending with a wide range of cyber threats. In this post, we explain how your organization can develop such a multipronged approach with a branch of cybersecurity known as cybersecurity threat detection.

‍The Australian Prudential Regulation Authority (APRA) has introduced Prudential Standard CPS 230 to enhance the operational resilience of financial institutions and protect the broader financial system from disruptions. APRA CPS 230 details the crucial requirements for managing operational risks, ensuring business continuity, and overseeing third-party service providers.

Subdomain takeovers pose a significant and often overlooked threat to website security. In today's digital age, almost every business has a website to promote, inform, and provide resources to visitors. Websites that use multiple subdomains risk exposing themselves to cyberattacks. Subdomain takeovers can lead to data breaches and reputational damage. However, these risks can be minimized with the right strategies, and your organization can stay protected.