December 10, 2024 at 10:11AM Hackers are leveraging a zero-day vulnerability in Cleo managed file transfer software to infiltrate corporate networks and execute data theft attacks. This highlights the urgent need for organizations to address security weaknesses and implement protective measures against such threats. **Meeting Notes Takeaways:** 1. **Current Threat:** Hackers are exploiting a zero-day … Read more
December 10, 2024 at 07:38AM Artivion reported a cybersecurity incident resembling a ransomware attack on November 21, 2024, resulting in data theft and file encryption. The company is investigating, has engaged external advisors, and is working to restore systems. The incident has disrupted operations but is not expected to impact finances significantly, aided by cyber … Read more
December 3, 2024 at 08:39AM Researchers warn that the GDPR’s data portability regulations, while promoting privacy, pose significant risks. Users can now easily export sensitive data, making it vulnerable to hackers. The risk extends to companies, as compromised personal accounts can lead to cyberattacks. Employees must separate personal and professional online activities to enhance security. … Read more
October 1, 2024 at 07:27AM Generative AI has transformed enterprise productivity but poses data leakage risks. A guide by LayerX offers security measures to balance innovation and security, highlighting steps for security managers: mapping AI usage, restricting personal accounts, prompting users, blocking sensitive data input, and restricting GenAI browser extensions. This nuanced approach allows reaping … Read more
September 30, 2024 at 10:48PM The U.S. Department of Justice has charged a U.K. national, Robert Westbrook, with executing a fraudulent scheme that allowed him to gain unauthorized access to corporate executives’ Microsoft 365 accounts, enabling him to generate millions in profits through securities fraud. Westbrook could face up to 20 years in prison and … Read more
September 16, 2024 at 01:21PM SecurityWeek will host the 2024 Attack Surface Management Summit as a fully immersive virtual event on September 18th. The summit will focus on foundational strategies for protecting corporate assets through reducing attack surface. Join leading cybersecurity experts to explore trends, challenges, and innovations in Attack Surface Management. Register for free … Read more
July 23, 2024 at 06:28AM Specops Software addresses the inherent security risks in traditional employee onboarding methods by offering a First Day Password feature with Specops uReset. This tool eliminates the need to share initial passwords and empowers new employees to create secure passwords through a verified system. By using this method, organizations can significantly … Read more
May 3, 2024 at 06:57AM SaaS applications are dominant in the corporate world, but they pose new security risks. LayerX’s guide “Let There Be Light: Eliminating the Risk of Shadow SaaS” addresses the challenges of unauthorized SaaS app usage, suggesting mitigation practices and comparing security controls. It recommends secure browser extensions as the most comprehensive … Read more
May 2, 2024 at 10:05AM The corporate IT landscape is shifting due to SaaS adoption and BYOD practices, providing flexible work options. However, integrating personal devices into corporate systems brings security challenges. Mobile device management and secure remote access are key solutions, along with implementing extra controls like antivirus protection and network access control to … Read more
April 10, 2024 at 02:31AM Google has introduced Chrome Enterprise Premium, targeting corporate users with AI-enhanced security features for $6 monthly per user. Gartner’s prediction about browsers becoming an enterprise platform by 2030 is becoming a reality, prompting a reevaluation of browser monetization. Chrome already offers strong security, but the Premium version provides additional AI-driven … Read more