102 matches found
How to Reduce Your Risk with Proactive VM Strategies
Current cybersecurity challenges demand more than just reactive measures. A significant hurdle many organizations face is the effective remediation of vulnerabilities within their IT infrastructure. Recognizing this, security teams are increasingly turning to sophisticated vulnerability managemen...
The UK’s GPS Tagging of Migrants Has Been Ruled Illegal
The UK’s privacy regulator says the government did not take into account the intrusiveness of ankle tags that continuously monitor a person’s location...
Are You Ready for PCI DSS 4.0?
The Payment Card Industry Data Security Standard PCI DSS is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems. In...
Closing the Visibility Gap: How Qualys Cloud Agent Passive Sensor (CAPS) Eliminates Blind Spots Without the Hassle
In modern networks, the most significant risks come from systems that fall through the cracks. Modern networks are full of unknown and unmanaged assets. Some are seemingly benign devices introduced by well-meaning employees or contractors that can turn rogue. While some of these may be genuinely...
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are...
Introducing Security Advisor Site Scores for OneView: Easy assessment of client security for MSPs
In a world rife with cyber threats, it is crucial for Managed Service Providers MSPs to conduct thorough assessments of their clients’ security posture. Even minor misconfigurations, if overlooked, can leave clients vulnerable to attacks. Yet, lacking the necessary tools, many MSP IT teams are in...
Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords
Passwords are at the core of securing access to an organization's data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts. Instead of creating a strong and...
Which security framework? All of them, in the SCF
TL;DR: All roads lead to Rome. There are plenty of ways to meet your security requirements ISO 27001 is not everything. There, I said it What is the Secure Controls Framework SCF? Why you should consider SCF on your journey to security excellence PTP has a myriad of customers coming for help to...
Hive Pro Recognized in 2023 Gartner® Hype Cycle™ for Security Operations & Market Guide™ for Vulnerability Assessment
HERNDON, Va., Sept. 7, 2023 - Hive Pro®, a pioneer vendor of Threat Exposure Management is now featured in two prominent Gartner publications that spotlight industry leaders and innovators: The Market Guide™ for Vulnerability Assessment 2023 and The Hype Cycle for Security Operations 2023. As cyb...
New TSA Cybersecurity Emergency Action Rule Impacts Cybersecurity and Compliance
On March 7, 2023, in the wake of President Joe Biden’s National Cybersecurity Strategy announcement, the U.S. Transportation Security Administration TSA issued a cybersecurity emergency action amendment for certain regulated airport and aircraft operators. The new Action Rule can have significant...
Get Unified Cloud and Endpoint Security: Only $1 for 1,000 Assets for all of 2023!
As the new year begins, it's more important than ever to protect your business from the constantly evolving cyber threats that could compromise your valuable assets. But who wants to pay an arm and a leg for top-tier security? With this Uptycs introductory offer, you do not have to. Kickstart the...
Penetration Testing or Vulnerability Scanning? What's the Difference?
Pentesting and vulnerability scanning are often confused for the same service. The problem is, business owners often use one when they really need the other. Let's dive in and explain the differences. People frequently confuse penetration testing and vulnerability scanning, and it's easy to see...
APT Cyber Tools Targeting ICS/SCADA Devices
Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-uniqu...
Beneath the surface: Uncovering the shift in web skimming
Microsoft security researchers recently observed that web skimming campaigns now employ various obfuscation techniques to deliver and hide skimming scripts. It’s a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management...
Update: Destructive Malware Targeting Organizations in Ukraine
Summary Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Updated April 28, 2022 This advisor...
Zero-Trust For All: A Practical Guide
While “zero-trust architecture” has become a buzz phrase, there’s plenty of confusion as to what it actually is. Is it a concept? A standard? A framework? An actual set of technology platforms? According to security experts, it’s best described as a fresh mindset for approaching cybersecurity...
Cisco Secure Network Analytics Cross-Site Scripting Vulnerability
Cisco Secure Network Analytics is one of the most comprehensive visibility and network traffic analysis Nta/network detection and response Ndr solutions from Cisco. A cross-site scripting vulnerability exists in versions prior to Cisco Secure Network Analytics 2.1.1, which provides continuous,...
Cloud Security and Compliance: The Ultimate Frenemies of Financial Services
Meeting compliance standards as a financial services finserv company can be incredibly time-consuming and expensive. Finserv has some of the highest regulatory bars to clear out of any industry — with the exception, perhaps, of healthcare. That said, these regulations exist for good reason. Even...
How to Secure Your SaaS Stack with a SaaS Security Posture Management Solution
Whether it’s Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the business and its data. The job of ensuring that all the apps have proper security settings and are configured correctly falls on the security team. The challenge...
OMIGOD: How to Automatically Detect and Fix Microsoft Azure’s New OMI Vulnerability
Update: On September 16, 2021, Microsoft released an updated OMS agent v1.13.40-0 that addresses these vulnerabilities. You can download the updated version from Microsoft's GitHub repo here. In response, our team is updating the pre-built insight in InsightCloudSec to specifically look for...