Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many large organisations, and the need for software makers to properly embrace the principles of security-by-design.

Your board of directors expects to be regularly updated about your data breach prevention efforts, but board members often lack the necessary technical insight to understand the cyber risk mitigation processes making up your cybersecurity posture. CISOs are tasked with bridging the gap between awareness of your organization’s security efforts and stakeholder KPIs with the support of an invaluable tool - a cybersecurity board report.

American global manufacturer of cleaning products Clorox stated that recent sales and profit loss to a cyber attack. In a statement from Clorox's press release, "As previously disclosed, the Company believes the cybersecurity attack has been contained and the Company is making progress in restoring its systems and operations. The available information does not confirm whether the Clorox cyber attack was a ransomware incident.

Explore the critical role of secrets security in the era of software-driven vehicles. From code leaks to supply chain vulnerabilities, read how safeguarding automotive software is paramount for consumer safety.

A new critical vulnerability has been disclosed by Atlassian in a security advisory published on October 4th 2023 in its on-premise Confluence Data Center and Server product. A privilege escalation vulnerability through which attackers may exploit a vulnerable endpoint in internet-facing Confluence instances to create unauthorized Confluence administrator accounts and gain access to the Confluence instance.

An Intrusion Prevention System (IPS) is a technology that can automatically detect and control security attacks, both known and unknown. The focus of this system is threat prevention — though a related technology, IDS, works to better detect threats. Let’s take look at how IPS prevents intrusions and the most common ways IPS can work.

Last year, we talked about different techniques for using Splunk Enterprise, Splunk Cloud Platform, and Splunk Enterprise Security to detect modern financial crime using risk scores with aggregated rules and the power of the Splunk platform.