Tenable

MARCH 3, 2023

FBI and CISA Release Cybersecurity Advisory on Royal Ransomware Group The FBI and CISA have released a joint Cybersecurity Advisory discussing the Royal ransomware group. Our report on the Ransomware Ecosystem provides a deeper explanation on how ransomware operators gain access to their target's networks.

Groups 96

Groups Systems Review Technical Review Software Review 96

Tenable

DECEMBER 8, 2023

Meanwhile, the OpenSSF published 10 key principles for secure software development. Plus, malware used in fake browser-update attacks ballooned in Q3. Cybersecurity and Infrastructure Security Agency (CISA) issued a clarion call for software makers to use so-called “memory safe” programming languages. And much more!

Software Review 68

Software Review Software Malware Software Development 68

MagmaLabs

MARCH 6, 2023

Reading Time: 3 minutes Alongside performance and usability, you should always focus on security when creating any web application. So you must know how to secure your users and their data. In this article, we will tell you one of the best ways to be a game changer in cybersecurity. Let's dive in!

Security 98

Security Software Review Systems Review Technical Review 98

Tenable

MAY 18, 2023

and Australian Agencies Publish Joint Cybersecurity Advisory on BianLian Ransomware Group The FBI, ACSC and CISA have released a joint cybersecurity advisory discussing the BianLian ransomware group. The group claims to have stolen ~4,200 student records containing phone numbers, email addresses, and social security numbers.

Groups 98

Groups Systems Review Malware Technical Review 98

Tenable

JANUARY 19, 2024

In addition, the latest on the Androxgh0st malware. Cybersecurity and Infrastructure Security (CISA) agency and the Federal Bureau of Investigation (FBI) said this week. To mitigate this risk, the agencies recommendations include: Using drones built with secure-by-design principles, such as those manufactured in the U.S.

Infrastructure 72

Infrastructure Malware Government Technical Review 72

OTS Solutions

JUNE 21, 2023

However, as more organizations rely on these applications, the need for enterprise application security and compliance measures is becoming increasingly important. Breaches in security or compliance can result in legal liabilities, reputation damage, and financial losses.

Compliance 246

Compliance Enterprise Applications Software Review 246

Tenable

DECEMBER 29, 2023

As we reflect on the many accomplishments Tenable OT Security achieved in 2023, one thing is clear: we couldn’t have done it without the support and collaboration of our customers and partners. I can easily say 2023 was a good year for Tenable OT Security. We believe all cyber risk needs to be viewed, ultimately, as operational risk.

Systems Review 72

Systems Review Technical Review Software Review IoT 72

Tenable

DECEMBER 9, 2022

Get the latest on the anniversary of the Log4j crisis; OWASP’s top CI/CD risks; a surge of infostealer malware; the fund transfer fraud — business email compromise connection; and more! . 2 - OWASP’s top 10 CI/CD security risks. Dive into six things that are top of mind for the week ending Dec. Back in July, the U.S.

Software Review 52

Software Review SMB Malware Development Team Review 52

Tenable

FEBRUARY 24, 2023

Find out how much of a pay bump cybersecurity architects and engineers got. Plus, a powerful AI cybersecurity tech is nearing prime time. Also check out the long-awaited security algorithms for IoT devices. That’s according to Dice.com’s annual “Tech Salary Report,” released this week. And much more! in 2022 to $96,379.

Security 98

Security Engineering Technical Review IoT 98

CIO

AUGUST 2, 2023

When it comes to keeping our digital world secure, there’s a saying that really hits home: “ You can’t protect what you can’t see.” It’s a reminder that without a clear view of our data and systems, we’re leaving ourselves vulnerable to all sorts of risks. That’s where centralized visibility comes in.

Cloud 245

Cloud Compliance Systems Review Scalability 245

Tenable

SEPTEMBER 1, 2023

Plus, the QakBot botnet got torn down, but the malware threat remains – what CISA suggests you do. Moreover, new quantum-resistant algorithms are due next year. National Cyber Security Centre. As OpenAI released ChatGPT Enterprise, the U.K.’s s cyber agency warned about the risks of workplace use of AI chatbots. And much more!

ChatGPT 63

ChatGPT Artificial Inteligence Tools Malware 63

CIO

JULY 17, 2023

However, this shift requires a thorough understanding of the security implications and how a business can protect its data and applications. As with all technology introductions, it’s important to have clear security policies, tools, processes, and training. Watch on-demand here. How is the cloud being attacked and why?

Cloud 245

Cloud How To Malware Open Source 245

Tenable

OCTOBER 27, 2023

Check out how organizations’ enthusiasm over generative AI is fueling artificial intelligence adoption for cybersecurity. Also, why boards of directors feel more comfortable with cybersecurity. business and IT pros involved in cybersecurity. business and IT pros involved in cybersecurity. And much more!

Artificial Inteligence 64

Artificial Inteligence Artificial Intelligence Technical Review Backup 64

Tenable

AUGUST 30, 2023

Analysis CVE-2023-2868 is a remote command injection vulnerability in Barracuda ESG appliances due to improper handling of emails with attachments. In these attacks, UNC4841 leveraged multiple backdoor malware families, dubbed SALTWATER , SEASPY , SEASIDE , SUBMARINE (DEPTHCHARGE), and WHIRLPOOL.

Malware 115

Malware Software Review Systems Review Exercises 115

Tenable

DECEMBER 6, 2023

Researchers including Kevin Beaumont, who has been instrumental in sounding the alarm around CitrixBleed , have observed the theft of session tokens from vulnerable systems that have been leveraged post patch. Identifying affected systems Customers can utilize the plugins available for CVE-2023-4966 to identify vulnerable devices.

Systems Review 74

Systems Review Authentication Analysis Malware 74

Tenable

FEBRUARY 9, 2024

critical infrastructure IT and operational technology security teams, listen up. So said cybersecurity agencies from the U.S., Cybersecurity and Infrastructure Security Agency (CISA) said in a statement. government announced it had disrupted a botnet that Volt Typhoon was using to breach critical infrastructure systems.

Weak Development Team 67

Weak Development Team Infrastructure Generative AI Artificial Inteligence 67

Tenable

SEPTEMBER 2, 2022

Securing machine learning systems. Shifting security left – meaning, starting security checks earlier in the software development process – has been widely hailed. Most companies expect developers to do security code reviews, but many don’t provide them with security training. And much more!

Security 52

Security Software Review Artificial Inteligence Technical Review 52

OTS Solutions

JUNE 21, 2023

However, as more organizations rely on these applications, the need for enterprise application security and compliance measures is becoming increasingly important. Breaches in security or compliance can result in legal liabilities, reputation damage, and financial losses.

Compliance 130

Compliance Enterprise Applications Software Review 130

Tenable

JANUARY 12, 2023

A new report from Google outlines a set of evolving threats that cloud security teams should keep an eye on in the new year. Cloud providers’ IP addresses and open ports targeted with malware. Review cloud instance audit events for unexpected administrative or user activities. OT systems to see increase in cloud attacks.

Cloud 52

Cloud Backup Malware Google Cloud 52

Kaseya

MAY 2, 2022

That said, it is becoming increasingly important to always have eyes on your systems and networks to make sure you can identify and remediate any potential threats and vulnerabilities before they cause any significant damage to your business. What is a Security Operations Center (SOC)? And that’s why we have SOC. SIEM vs. SOC.

Security 111

Security Systems Review Network Malware 111

CIO

JUNE 6, 2023

While there is endless talk about the benefits of using ChatGPT, there is not as much focus on the significant security risks surrounding it for organisations. JPMorgan Chase has limited employees’ usage of ChatGPT due to compliance concerns. What are the dangers associated with using ChatGPT? Phishing 2.0:

ChatGPT 235

ChatGPT Software Review How To Technical Review 235

Tenable

JANUARY 27, 2023

Also, check out a new toolbox for cybersecurity awareness programs. Then scan the latest list of top malware. It’s the first time the same risk has topped this annual report from insurer Allianz Global Corporate & Specialty in consecutive years. Learn all about how most IoT product makers lack vulnerability disclosure policies.

IoT 52

IoT Malware Policies Survey 52

O'Reilly Media - Ideas

MARCH 15, 2022

The future of cybersecurity is being shaped by the need for companies to secure their networks, data, devices, and identities. This includes adopting security frameworks like zero trust, which will help companies secure internal information systems and data in the cloud. Zero Trust Security.

Mobile 103

Mobile Firewall Software Review Technical Review 103

Tenable

NOVEMBER 18, 2022

Get the latest on an APT’s Log4Shell exploit; tips to prevent memory attacks; cloud security trends; metaverse security; and more! . The breach occurred in February and wasn’t discovered until mid-year when the Cybersecurity and Infrastructure Security Agency (CISA) investigated suspicious APT activity at the unnamed agency.

Cloud 52

Cloud Software Review Malware Report 52

Kaseya

APRIL 9, 2021

Although MSPs today are faced with the challenge of growing cybersecurity threats, the post-pandemic world presents a number of growth opportunities as well. MSPs can potentially add new security services to grow their existing accounts and attract new customers in 2021 and beyond. Security Is the Top Concern for MSP Clients.

Trends 105

Trends Survey Malware Systems Review 105

Tenable

MAY 2, 2023

Facing frequent and aggressive cyberattacks, local governments often struggle to defend themselves due to a lack of tools and resources. According to the Multi-State Information Sharing and Analysis Center (MS-ISAC), SLTT governments experienced more than 2,800 ransomware incidents from January 2017 through March 2021.

Government 52

Government Systems Review Technical Review Resources 52

Ivanti

SEPTEMBER 21, 2023

However, with this new technology comes new security threats. Hospitals must be aware of these risks and understand how to find, fix and secure connected medical devices to protect their patients from cyberattacks. According to a recent report, 43% of hospitals have been victims of ransomware in the past year.

Healthcare 81

Healthcare Systems Review Analytics Software Review 81

Tenable

AUGUST 26, 2022

26 | The “platformization” of hybrid cloud security. Tackling IT/OT cybersecurity challenges. Tips for complying with HIPAA’s cybersecurity rule. 1 - IDC sees shift to “platformization” of hybrid cloud security. That’s according to IDC’s “Worldwide Cloud Workload Security Forecast, 2022-2026.” . And much more!

Weak Development Team 52

Weak Development Team Software Review Technical Review Budget 52

Openxcell

NOVEMBER 28, 2023

Enterprise application security is one of the most important aspects of protecting organizations from external attacks. Over the years, cybersecurity vulnerability reports have recorded an increase in the number of security holes in enterprise applications. What is Enterprise Application Security?

Enterprise 52

Enterprise Applications Software Review Weak Development Team 52

Ivanti

FEBRUARY 14, 2024

We want to thank our customers for their support and patience over the last few weeks as we navigate the recent issues affecting Ivanti Connect Secure, Policy Secure and ZTA gateways. CISA’s directive never instructed agencies to permanently take Ivanti systems out of production. Are the numbers being reported by media true?

Policies 49

Policies Technical Review Software Review Systems Review 49

Kaseya

OCTOBER 3, 2023

Endpoint detection and response (EDR) is among the latest breed of security software designed to keep emerging and sophisticated cyberthreats like ransomware at bay. Our blog provides all the information you need about EDR. Endpoint security is the first line of defense for any organization. Give it a read. What is EDR?

Malware 52

Malware Software Review Systems Review Technical Review 52

Ivanti

AUGUST 28, 2023

In a previous blog post, I discussed the two main areas to audit before the European Union’s updated Network and Information Security Directive (NIS2) becomes ratified law in October 2024. Review your current supply chain security flaws.

Security 67

Security Technical Advisors Technical Review Compliance 67

Lacework

MAY 5, 2022

Cloud computing’s first boom began in the 1960s when virtualization — a strategy for dividing system resources between multiple applications — and time-sharing were made popular by vendors like IBM. These eras of cloud computing brought about a massive increase in security breaches and the intensification of criminalization of hackers.

Cloud 98

Cloud Development Team Review Software Review Systems Review 98

Praxent

MAY 12, 2021

Digital Transformation Outpacing Financial Institution Security. Traditional banking organizations today seek to leverage open core systems, fintech company partnerships and application programming interfaces to increase their digital visibility. Consumers leaned heavily on digital banking services.

Security 52

Security Technical Review Technical Advisors Banking 52

Palo Alto Networks

NOVEMBER 11, 2021

Business activities, once confined to secure offices on a corporate campus, have now shifted to the home with employees accessing business-critical data of varying value and sensitivity. To that end, Palo Alto Networks has recently conducted a study — The Connected Enterprise: IoT Security Report 2021.

IoT 68

IoT Malware Weak Development Team Software Review 68

PowerSchool

NOVEMBER 3, 2020

There’s no overstating the importance of cybersecurity for school districts, especially now. And with more devices in use, security policies need to be solid and consistent. They help determine security policies their district should adopt. Doing so greatly increases the security of the school district.

Training 75

Training Policies Systems Review Social 75

Palo Alto Networks

APRIL 19, 2024

On April 10, 2024 Palo Alto Networks Product Security Incident Response Team (PSIRT) learned of a suspicious exfiltration attempt at a customer site from Volexity's Steven Adair. The second bug (trusting that the files were system-generated) used the filenames as part of a command. How Was It Exploited?

Firewall 130

Firewall Systems Review Malware Software Review 130