Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When it comes to high profile cybercrime incidents, it’s the major tech vulnerabilities and sophisticated state-sponsored threat vectors that make the headlines. In reality, however, most of the cybercrime incidents exploit the human element as the weakest link in the cyberattack kill chain.

Managing and mitigating cyber risk has never been more challenging for companies. Cyber threats are growing exponentially. Daily, hackers are becoming more sophisticated. Businesses rely more on data to function: experts expect that cybercriminals will steal more than 33 billion records this year alone. With an increasing reliance on third-party vendors and cloud services, IT teams are essentially forced to leverage complex infrastructures with significant vendor risk.

When it comes to protecting sensitive business information and trade secrets, most business execs believe that sophisticated cybersecurity solutions and a strong mechanism for security governance are enough. The reality is that establishing multiple layers of security defense forms a strong security fortress against external threats — but that’s not where most corporate espionage originates.

As its name indicates, Denial of Service (DoS) is any cyberattack that renders the target service inaccessible to legitimate users and information systems. That is, you're trying to access a web page or web service and it's just down, not working. The most common way attackers achieve this is by flooding the host servers and network with excessive traffic, such that the host server crashes or fails to respond in an acceptable duration. The denial-of-service style of attack is a common one.

On September 28th it was disclosed by GTSC that there was a possible new zero day being abused in the wild beginning in early August. Although this campaign looked very similar to the previously abused vulnerability in Microsoft Exchange, dubbed ProxyShell at the time, comprising 3 CVEs (CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207) that when combined enabled an adversary to gain remote access to an Exchange PowerShell session that may be abused.

Quantum computing is an emerging technology that, in due time, will enable amazing power for humanity. With good comes bad. Bad actors are likely to harness quantum computing to distrust, steal or cause harm — threatening our global ways of living and working. We must help federal agencies and commercial enterprises to build quantum safety and quantum resilience against a worst-case scenario. Fortunately, the threat is being recognized. On December 21, 2022, the U.S.

It was another eventful year for security professionals in 2022. The year began on the tail of the Log4j vulnerability, data breaches were on the rise, and ransomware attacks were as prevalent as ever. So it’s safe to say cyber resilience is required to be at the forefront for public sector leaders.