The ultimate cyber spring-cleaning checklist
Spring is not just a time for dusting off shelves and donating old clothes; it's also the perfect season to declutter and organize your digital space.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Unexpected Connections: The Future of Internet-Connected Spaces
In today's digital age, the concept of connectivity has transcended beyond our wildest imaginations. "Unexpected Connections: The Future of Internet-Connected Spaces" dives deep into the realm where anything and everything can be connected to the internet, including applications not traditionally approved by tech departments. 🏢🌍📲
CVE-2024-29204, CVE-2024-24996: Critical Vulnerabilities in Ivanti Avalanche
On April 16, 2024, Ivanti disclosed two critical vulnerabilities within its Avalanche Mobile Device Management (MDM) solution. These vulnerabilities, identified as CVE-2024-29204 and CVE-2024-24996, are heap overflow issues in the WLInfoRailService and WLAvalancheService components, respectively. Both vulnerabilities have been assigned a CVSS score of 9.8, indicating their critical nature due to the potential for unauthenticated Remote Code Execution (RCE) in low-complexity attacks.
The Top 17 UEBA Use Cases to Protect Your Business
Imagine being able to halt cybercriminals before they strike. This is the power of UEBA (User and Entity Behavior Analytics). UEBA stands out for its capability to identify suspicious activities that could indicate a security breach or insider threat. It does this by analyzing patterns and behaviors, making it a unique and powerful tool in the cybersecurity landscape. This article explores 17 powerful use cases demonstrating why UEBA protects your business.
Why Chinese-made IoT devices are growing in the US despite bans
Between 2023 and 2024, Chinese-made IoT devices in US networks grew by over 40%, as reported in our recent Forescout Research — Vedere Labs report. Why have banned Chinese-devices grown over the last year in the US and in other regions? In this video, Elisa Costante, our VP of Research, and Rik Ferguson, our VP of Security Intelligence, explore this question in detail.
Elastic Security evolves into the first and only AI-driven security analytics solution
In our previous installation, we discussed the history of security information and event management (SIEM) solutions — from collection to organizational detections and finally to response and orchestration. Now, we are firmly in the SIEM 3.0 revolution and focused on applying generative AI to every applicable process in the security operations center with tremendous success.
What is the Connecticut Data Privacy Act (CTDPA)?
The Connecticut State Government signed the Connecticut Data Privacy Act (CTDPA) into law on May 10, 2022, and the law became effective on July 1, 2023. The CTDPA joins the ranks of other US state privacy laws, like the California Consumer Privacy Act (CCPA) and the Colorado Privacy Act, providing Connecticut consumers with robust data privacy rights and protections.
What is the Oregon Consumer Privacy Act (OCPA)?
The Oregon State Government passed Senate Bill 619, also known as the Oregon Consumer Privacy Act (OCPA), in July 2023. The OCPA will become effective on July 1, 2024, the same day the Texas Data Privacy and Security Act will also impose obligations on data controllers and processors. Oregon’s privacy legislation follows the structure of several other US data privacy laws, including the Colorado Privacy Act, the Virginia Consumer Data Protection Act, and the Montana Consumer Privacy Act.
The EU's Strategy for a Cybersecure Digital Single Market
The EU Digital Single Market Strategy (DSM Strategy) is a comprehensive initiative launched by the European Union to enhance Europe’s digital economy and maximise its growth potential across member states. The strategy includes evolving policies and specific initiatives aimed at the digitalisation of the European Union and adapting it to the rapidly changing digital ecosystem.
Aligning Cyber Strategy with Business Goals: A Crucial Gap
Explore the critical gap in many organizations where cyber strategy fails to align with business goals in this insightful episode from the Razorwire Podcast. Learn why this misalignment poses challenges for CISOs and other cybersecurity professionals who struggle to communicate the importance of security investments to decision-makers. This short delves into the often overlooked connection between a company's risk appetite and its cybersecurity measures, emphasizing the need for a cohesive strategy that supports the core business objectives.