Day: November 6, 2023
-
Cisco patches serious flaws in Firepower and Identity Services Engine
Cisco released several patches for high and critical vulnerabilities affecting several products like its Firepower network security devices, Identity Services Engine (ISE)) network access control platform, and Adaptive Security Appliance (ASA). The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging administrators to deploy the available patches because “a cyber threat actor could…
-
This new SaaS security solution aims to disrupt the market with its ‘freemium’ approach
In today’s digital landscape, SaaS has emerged as the cornerstone of contemporary business operations. According to research published earlier this year, the average employee utilizes 28 distinct SaaS applications, and in mid-size organizations, an average of seven new applications are introduced each month. However, alongside the necessary growth in SaaS usage, integrating various SaaS applications…
-
Most cloud moves found rushed as adopters underrate associated risks: Report
A new study on the current state of cloud-native security found that a considerable number of cloud adopters do not understand the security risks of moving legacy applications to the cloud, opening themselves to a number of cloud-based attacks. The study conducted by cybersecurity firm, Venafi, surveyed 800 security and IT leaders in organizations spanning…
-
Who’s Behind the SWAT USA Reshipping Service?
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “Fearless,” the nickname chosen by the proprietor of the SWAT USA Drops service. Based in…
-
A blueprint for high-speed cloud-native security
Cloud-native environments and applications deliver unprecedented agility and scalability in a business climate that demands speed. However, they also introduce extraordinary security challenges that require more rapid event detection and response than the traditional on-premises world. Data often travels through multiple services and storage solutions, leaving security analysts to sift through an extensive data trail…
-
Organizations turn to zero trust, network segmentation as ransomware attacks double
The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years. The average number of attacks per country among surveyed organizations rose from an average of 43 in 2021 to 86 in 2023. Organizations have responded by implementing zero trust and network segmentation strategies. That’s according to the State of Segmentation…
-
12 notable bug bounty programs launched in 2023
Bug bounty programs have increased significantly in popularity and use over the last several years and for good reason — they’re sexy, offering cold hard cash and the opportunity for cybersecurity experts to play detective for a good cause. More and more organizations are adopting these initiatives to tap into a vast resource of researchers…