-
How to conduct a tabletop exercise
Tabletop exercises give your organization an opportunity to practice incident response plans. They are both an opportunity to rehearse and revise existing plans and a training opportunity for new employees. Done well, tabletop exercises “allow for the discovery of ways to reduce your threat surface,” says Stephen Jensen, senior director of operations at…
-
DOJ Recovers $500K Paid to North Korean Ransomware Actors
Payments were made by at least two healthcare providers
-
What is an SBOM? Software bill of materials explained
An SBOM is a formal, structured record that not only details the components of a software product, but also describes their supply chain relationship. An SBOM outlines both what packages and libraries went into your application and the relationship between those packages and libraries and other upstream projects—something that’s of particular importance when…
-
Cato Networks launches SSE system with customizable DLP capabilities
Israel-based SASE (secure access service edge) provider Cato Networks has announced a security service edge (SSE) offering, Cato SSE 360, that includes Cato DLP, a capability for data loss protection across business applications that allows for customizable rules. Along with SSE 360, Cato is also offering a new expert certification for the SSE …
-
GPS trackers used for vehicle fleet management can be hijacked by hackers
Hackers can exploit vulnerabilities in a popular GPS tracking device used around the world for vehicle fleet management across many industry sectors. The tracker, made by a Chinese company called MiCODUS, is widely available to purchase from online retailers and has anti-theft, fuel cut off, remote control, and geofencing capabilities. “The exploitation of…
-
Who on earth would be trying to promote EC-Council University via comment spam on my website?
I can’t tell you not to seek ethical hacking certification from EC-Council. But I can suggest that if you are looking for an online university to boost your cybersecurity career, you don’t settle for an outfit that has proven itself to be of questionable ethics and utterly clueless.
-
Albanian Government Hit by “Massive Cyber-Attack”
Albanian government websites have been forced offline following the incident
-
NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders
Yet another basic human rights violation, courtesy of NSO Group: Citizen Lab has the details: Key Findings We discovered an extensive espionage campaign targeting Thai pro-democracy protesters, and activists calling for reforms to the monarchy. We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware. The observed infections…
-
Foundational Security for Your Software Supply Chain
We worked with Aqua Security to develop the CIS Software Supply Chain Security Guide using our CIS Benchmarks consensus process.
-
Former Conti Actors Remain Active in Cybercrime Underworld
Researchers have observed signs of overlap between several ransomware gangs and Conti