June 13, 2024 at 05:33PM KnowBe4 announced its new Risk & Insurance Partner Program to address the rising cyber threats. The program offers exclusive discounts and aims to combine KnowBe4’s platform with partners’ cyber risk expertise. CEO Stu Sjouwerman emphasized the need to better protect customers from evolving cyber threats and encouraged interested parties to … Read more
June 13, 2024 at 01:25PM A proof-of-concept exploit for Veeam Recovery Orchestrator vulnerability tracked as CVE-2024-29855 has been released by security researcher Sina Kheirkha. The exploit allows unauthenticated access to the web UI with administrative privileges due to a hardcoded JWT secret. Veeam’s security bulletin suggests upgrading to patched versions and provides conditions required to … Read more
May 31, 2024 at 07:36AM Proton and Constella Intelligence found hundreds of British, French, and European Parliament politicians’ email addresses on dark web marketplaces. 918 addresses were leaked, with 68% of British MPs affected. Proton warned that using government email addresses for third-party services puts politicians and sensitive information at risk, as exposed passwords and … Read more
May 21, 2024 at 01:36PM The EPA states that nearly 70% of US community drinking water systems fail to comply with the Safe Drinking Water Act, including cybersecurity standards. The agency has announced plans to increase enforcement, as Russia and Iran have stepped up cyberattacks. The EPA has outlined top actions for securing water systems … Read more
May 9, 2024 at 04:22PM CyberProof, a UST company, has extended its partnership with Google Cloud to enhance its managed XDR services. By integrating Google Chronicle Security Operations, CyberProof offers an end-to-end solution to visualize and mitigate cyber risk for enterprises migrating to the cloud. This collaboration aims to provide intel-led cybersecurity solutions at cloud … Read more
May 1, 2024 at 07:21PM UnitedHealth’s Change Healthcare subsidiary paid $22 million ransom to attackers who breached its systems in February. The breach’s scope may be larger than known, as CEO Andrew Witty testified before Congress. The breach revealed poor security practices, impacting data security for PII and PHI. The long-term impact and next steps … Read more
April 17, 2024 at 11:31AM Armis has acquired Silk Security for $150 million to enhance its Centrix Vulnerability Prioritization and Remediation product. It aims to provide security and developer teams with a consolidated view of security findings from various sources. Silk Security, which emerged from stealth mode in 2023, has raised $12.5 million. This acquisition … Read more
April 16, 2024 at 04:00PM Enterprise AI transformation readiness requires devices capable of running AI applications. Absolute Security’s analysis found majority of organizations need system updates or replacements to be AI-ready. Absolute Security’s Cyber Resilience Risk Index 2024, based on telemetry from millions of devices, reveals most enterprise PCs lack the minimum 32 GB RAM … Read more
April 12, 2024 at 01:35PM The text “Cybersecurity Decluttered: A Journey to Consolidation” discusses the evolving cybersecurity landscape and the need for businesses to streamline their security stack. It emphasizes the challenges of managing disparate security tools and proposes a consolidation strategy to achieve a core set of safeguards. The authors advocate for a proactive … Read more
April 5, 2024 at 07:33AM Compliance requirements continuously evolve to address cybersecurity threats. CISOs’ perceptions of compliance vary based on factors like organization size, industry, and legal requirements. They seek strategies to mitigate the burden of compliance, but emphasize that being compliant does not guarantee security. Compliance can also serve as a business enabler, enabling … Read more