Three CISOs Share How to Run an Effective SOC

The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity. Three CISOs; Troy Wilkinson, CISO at IPG; Rob Geurtsen, former Deputy CISO at Nike; and Tammy Moskites...

Part II: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically

In Part I of this three-part blog series, we discussed building a cyber risk metrics program from the ground up. We also discovered how to implement effective strategies for holistically articulating your cyber risk posture across your organization. In our second installment, we’ll delve deeper...

Holistic API Security Strategy for 2023

In the digital landscape of 2023, Application Programming Interfaces APIs have taken center stage in business operations. APIs act as the backbone of many digital services, enabling software applications to communicate and exchange data with each other. As businesses increasingly rely on APIs for...

Winning the Mind Game: The Role of the Ransomware Negotiator

Get exclusive insights from a real ransomware negotiator who shares authentic stories from network hostage situations and how he managed them. The Ransomware Industry Ransomware is an industry. As such, it has its own business logic: organizations pay money, in crypto-currency, in order to regain...

VulnCheck KEV: CVE-2021-43287

An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers...

Build Security Muscle Memory With Tabletop Exercises

When I was in grade school, I played football. I was scrawny and afraid to go up against anyone bigger than I was essentially everyone. I always hated Oklahoma drills and scrimmages with my team. For quite some time, I avoided “the tunnel” hoping to evade facing the bigger linemen. My coach sat m...

PT-2023-1918

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions 11.0.1.1261 through 12.0.0.1420 Description A flaw exists in the Veeam Backup & Replication software that allows an unauthenticated user with network access to obtain encrypted credentials stored in the...

Why Attackers Target the Healthcare Industry

Key Takeaways: Personal health information PHI is an incredibly valuable category of personal data. When compromised and sold on the dark web, this data can be sold for thousands of dollars. Healthcare is a valuable target to attackers, including the group Killnet, which targeted healthcare sites...

Hospitals Hit by DDoS Attacks as Killnet Group Targets the Healthcare Sector – What You Need to do Now

The increase in DDoS attacks on healthcare organizations in the US in the last 48 hours by the Pro-Russian hacktivist group Killnet has become a serious concern. These types of attacks are designed to overload a network or system with traffic, making it difficult or impossible for users to access...

Get your head in the cloud(s)

Many organizations are in the midst of adopting the cloud faster than ever before; it’s arguably mission critical for their success and longevity. Just look at initiatives like digital transformation or even the digital twin which aims to bridge the gap between the physical and the digital by...

PT-2022-6956 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: The issue is related to the Connectivity Fault Management CFM feature of Cisco IOS XR Software. It is caused by incorrect processing of invalid continuity check messages CCMs,...

Fedora: Security Advisory for golang-github-containerd-continuity (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-containerd-continuity-0.2.2-4.fc36

A transport-agnostic, filesystem metadata manifest system...

Fedora: Security Advisory for golang-github-containerd-continuity (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Four Reasons why you Should Consider Contingency DDoS Protection

The experts agree that Imperva is solidly positioned as a leader in Distributed Denial of Service DDoS mitigation. Over our many years as leaders in this space, we have determined that no matter how reliable your current DDoS protection is, there is always a chance that your network infrastructur...

Fedora: Security Advisory for golang-github-containerd-continuity (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-containerd-continuity-0.2.2-3.fc36

A transport-agnostic, filesystem metadata manifest system...

Transitioning to a Risk-based Approach to Cybersecurity

For todays CISOs, managing cyber risk is Job 1, and its a full-time concern. This was communicated loud and clear when Qualys recently hosted several CISOs and cybersecurity executives from our global enterprise customer base at our Strategic Advisory Board meeting in London. Their teams are...

Fedora: Security Advisory for golang-github-containerd-continuity (FEDORA-2022-08ae2dd481)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-containerd-continuity-0.2.2-2.fc36

A transport-agnostic, filesystem metadata manifest system...