%term

Beyond PCI and HIPAA: How Feroot Powers Gramm-Leach-Bliley Act (GLBA) Compliance

Aug 25, 2025 By Feroot In Feroot

If your company collects, stores, or shares consumer financial data, there’s a good chance the Gramm–Leach–Bliley Act (GLBA) applies to you. But here’s the catch: many businesses outside of traditional banks—like fintech apps, insurance providers, and mortgage tech platforms—don’t realize they fall under GLBA oversight.

Read Post

Feroot

Read more about Beyond PCI and HIPAA: How Feroot Powers Gramm-Leach-Bliley Act (GLBA) Compliance

What is Advanced Endpoint Protection

Aug 25, 2025 By Arctic Wolf In Arctic Wolf

Endpoints play a vital role in any organization’s operations. However, endpoints are susceptible to a variety of cyber attacks, particularly malware and ransomware – threats that remain highly popular among threat actors. Additionally, many social engineering attacks seek to gain access to individual users’ endpoints.

Read Post

Arctic Wolf

Read more about What is Advanced Endpoint Protection

CrowdStrike Named a Leader in 2025 IDC MarketScape for Exposure Management

Aug 25, 2025 By Kamil Imtiaz In CrowdStrike

CrowdStrike has been named a Leader in the 2025 IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment. CrowdStrike has redefined exposure management to meet the realities of today’s threat landscape, where modern adversaries move fast, exploit stolen credentials, and use malware-free techniques to bypass defenses and blend into legitimate operations across endpoint, identity, cloud, and unmanaged infrastructure.

Read Post

CrowdStrike

Read more about CrowdStrike Named a Leader in 2025 IDC MarketScape for Exposure Management

AI Cybersecurity & Fact Check

Aug 25, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about AI Cybersecurity & Fact Check

The 2025 Cost of a Breach Report - The 443 Podcast - Episode 340

Aug 25, 2025 By WatchGuard Technologies In WatchGuard

This week on the podcast, we discuss key findings from IBM and the Ponemon Institute's 2025 Cost of a Breach Report, including a deep analysis of AI impacts in cybersecurity. Before that, we cover Norway's claim that Russian-aligned hackers opened a floodgate in one of their dams. We also discuss a vulnerability in Microsoft 365 Copilot that allowed the AI to delete its own audit logs. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 2025 Cost of a Breach Report - The 443 Podcast - Episode 340

Tackling cybersecurity today: Your top challenge and strategy

Aug 25, 2025 By Shweta Dhole In TrustCloud

In this article Shadow IT used to be a fringe problem, a rogue Dropbox account here, a personal Gmail there. Now, it’s everywhere. One customer said it best: “We don’t have a Shadow IT problem. We are Shadow IT.” That stuck. It’s not malice. It’s urgency. People move fast. Procurement doesn’t. So teams swipe cards, spin up tools, and get on with it. The intentions are good. The risks are massive. We’ve seen it firsthand.

Read Post

TrustCloud

Read more about Tackling cybersecurity today: Your top challenge and strategy

Inside the Kimsuky APT Leak: Stolen GPKI Certificates, Rootkits, and a Personalized Cobalt Strike from North Korea's Cyber Unit

Aug 25, 2025 By Foresiet In Foresiet

In a rare and unprecedented incident, a massive operational dump belonging to the North Korean Kimsuky APT group was leaked on a dark web forum. The leak containing virtual machine images, VPS dumps, phishing kits, rootkits, and thousands of credentials offers an unparalleled look into the inner workings of one of Pyongyang’s most prolific cyber espionage groups.

Read Post

Foresiet

Read more about Inside the Kimsuky APT Leak: Stolen GPKI Certificates, Rootkits, and a Personalized Cobalt Strike from North Korea's Cyber Unit

5 healthcare cybersecurity regulations and frameworks to follow in 2025

Aug 25, 2025 By Vanta In Vanta

As AI and automation increasingly become embedded into healthcare operations, securing these technologies becomes critical, especially for organizations managing protected health information (PHI), which are frequent targets for cybersecurity threats such as data breaches and unauthorized access. ‍ To safeguard this sensitive data, regulatory agencies like the U.S. Department of Health and Human Services (HHS) enforces strict cybersecurity and privacy regulations under HIPAA.

Read Post

Vanta

Read more about 5 healthcare cybersecurity regulations and frameworks to follow in 2025

The Next Level of Managed Vulnerability Scanning: Authenticated and Unauthenticated Scans

Aug 25, 2025 By Mary Eduel Neyra In Trustwave

Trustwave, A LevelBlue Company, is a huge proponent of employing offensive security tactics to ensure a client is properly protected. For Trustwave, the reason is obvious. Offensive security is an effective approach to evaluate and enhance an overall security posture. We’ve written about this before (just check here, here, and here), but today we will explore the difference between an Authenticated Scan and an Unauthenticated Scan. Let’s set the stage by defining the two types of scans.

Read Post