Category: HelpnetSecurity

Organizations prefer a combination of AI and human analysts to monitor their digital supply chain
14
Dec
2023

Organizations prefer a combination of AI and human analysts to monitor their digital supply chain

The number of cyber breaches targeting organizations’ supply chains continues to rise, with an average 4.16 breaches reported to be…

SAFE Materiality Assessment Module identifies top cyber risk scenarios
13
Dec
2023

SAFE Materiality Assessment Module identifies top cyber risk scenarios

Safe Security announced its new SAFE Materiality Assessment Module, enabling security and risk leaders to achieve SEC compliance by estimating…

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
13
Dec
2023

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications…

Drata unveils Third-Party Risk Management offering to help security teams identify risks
13
Dec
2023

Drata unveils Third-Party Risk Management offering to help security teams identify risks

Drata announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized…

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)
13
Dec
2023

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively…

Which cybersecurity controls are organizations struggling with?
13
Dec
2023

Which cybersecurity controls are organizations struggling with?

How are organizations performing across cybersecurity controls in the Minimum Viable Secure Product (MVSP) framework? A recent analysis by Bitsight…

Guide: Application security posture management deep dive
13
Dec
2023

Guide: Application security posture management deep dive

Distinguishing real, business-critical application risks is more challenging than ever. A siloed, ad hoc approach to AppSec generates noisy false…

Industry regulations and standards are driving OT security priorities
13
Dec
2023

Industry regulations and standards are driving OT security priorities

When it comes to ransomware attacks, the impact on OT environments is catching up to the impact on IT environments,…

Shifting data protection regulations show why businesses must put privacy at their core
13
Dec
2023

Shifting data protection regulations show why businesses must put privacy at their core

Like it or not, data protection will be one of the biggest issues organizations face in 2024. Knowing where to…

ThreatNG open-source datasets aim to improve cybersecurity practices
13
Dec
2023

ThreatNG open-source datasets aim to improve cybersecurity practices

The ThreatNG Governance and Compliance Dataset is an open-source initiative that aims to democratize access to critical data, fostering transparency,…

December 2023 Patch Tuesday: 33 fixes to wind the year down
12
Dec
2023

December 2023 Patch Tuesday: 33 fixes to wind the year down

Microsoft’s December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. “This month,…

Censys unveils two new product tiers to help researchers enhance their threat hunting work
12
Dec
2023

Censys unveils two new product tiers to help researchers enhance their threat hunting work

Censys announced two new product tiers of its search tool, Censys Search Solo and Censys Search Teams. These additions are…