The NIS Regulations were enacted in May 2018 to implement the EU Directive to achieve NIS compliance.
According to the FBI Internet Crime 2020 Report, phishing scams were the most prominent attack in 2020 with 241,342 complaints reported and adjusted losses of $54 million. In particular, whaling (a highly targeted phishing attack) has been on the rise and is only expected to grow from here. A whaling attack targets high-profile executives with access to valuable information and systems. Let’s take a closer look at whaling attacks and how to stay protected.
CVE-2022-23628 was published last week by the Open Policy Agent (OPA) project maintainers after a user reported unexpected behavior from a policy bundle that was built with optimizations enabled. The problem stemmed from a regression fix in the v0.33.1 release that addressed incorrect pretty-printing of Rego object literals by the `opa fmt` command and the underlying `format` package.
Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known vulnerabilities using catalogs of offensive exploits. These are part of the attacker’s playbook.
