#RiskMitigation

Third-Party Cyber Attacks: The Threat No One Sees Coming – Here’s How to Stop Them

by

June 6, 2024 at 08:30AM Cybersixgill’s threat experts shed light on the critical threats posed by supply chain attacks, targeting organizations’ third-party vendors and suppliers. These attacks provide unauthorized access to sensitive information, resulting in financial losses, data breaches, and operational disruptions. With an increasing number of cybercriminals targeting the supply chain, it is essential … Read more

Delta Electronics CNCSoft-G2 DOPSoft DPAX

by

April 30, 2024 at 10:47AM Summary: The vulnerability report concerns Delta Electronics’ CNCSoft-G2 software, where a stack-based buffer overflow could lead to arbitrary code execution. Versions 2.0.0.5 and prior are affected. The report includes mitigation measures, a risk evaluation, affected products, technical details, and background information. CVE-2024-4192 has been assigned to this vulnerability. From the … Read more

Zafran Emerges From Stealth With Risk and Mitigation Platform, $30M in Funding

by

March 28, 2024 at 09:12AM Israeli cybersecurity company Zafran emerged from stealth mode, unveiling its $30 million funding and a risk mitigation platform. Founded in 2022 by Sanaz Yashar, Ben Seri, and Snir Havdala, the firm’s platform leverages security tools to address vulnerabilities. Their industry-first mitigation knowledgebase works with endpoint detection, firewall, and cloud products. … Read more

Getting Security Remediation on the Boardroom Agenda

by

March 27, 2024 at 09:25AM IT teams can improve their resilience to scrutiny by educating their board on risks, their mitigation, and their long-term strategy for risk management. Based on the meeting notes, the key takeaways are that the IT teams need to improve their ability to handle scrutiny by guiding the board in understanding … Read more

Hackers Posing as Law Firms Phish Global Orgs in Multiple Languages

by

March 20, 2024 at 08:03AM Law firms are entrusted with extremely sensitive data by companies, making them a target for attackers seeking to deliver malware by exploiting this trust. Based on the meeting notes, it seems that the discussion centered around the trust that companies place in lawyers with their sensitive information and the potential … Read more

Fortra Releases Update on Critical Severity RCE Flaw

by

March 19, 2024 at 05:52PM The flaw has a high CVSS rating of 9.8, prompting the company to advise product upgrades for resolution. Based on the meeting notes, the flaw has a CVSS rating of 9.8, and the company recommends product upgrades to fix the issue. Full Article

3 Ways Businesses Can Overcome the Cybersecurity Skills Shortage

by

March 18, 2024 at 01:08AM Businesses must creatively defend against cybersecurity threats due to budget constraints and limited skilled talent. It seems that the main takeaway from the meeting notes is that businesses are facing challenges due to budget constraints and a limited supply of skilled talent in defending against cybersecurity threats. The notes emphasize … Read more

Tenable Introduces Visibility Across IT, OT, and IoT Domains

by

February 29, 2024 at 04:46PM Tenable® released Tenable One for OT/IoT, the first exposure management platform offering comprehensive visibility into assets across IT, operational technology (OT), and IoT environments. This solution aims to address the increasing cyber attack surface due to interconnected assets, providing actionable risk intelligence to mitigate operational risks and prioritize security measures. … Read more

Hack The Box Launches Certified Web Exploitation Expert As Demand for Risk Mitigation Grows

by

February 26, 2024 at 04:05PM Hack The Box has introduced the Hack The Box Certified Web Exploitation Expert (HTB CWEE) certification to address the increasing cyber threats and diverse web environment. The rigorous hands-on certification assesses candidates’ ability to identify elusive web vulnerabilities and enhances their skills in web security and penetration testing. Haris Pylarinos, … Read more

Combined Security Practices Changing the Game for Risk Management

by

February 5, 2024 at 06:27AM The current challenge in cyber security lies in the lack of effective risk management platforms, leading to alert fatigue and unmitigated risks. Combining NIST, MITRE, and NCSC frameworks offers a solution to mitigate these risks and enable proactive threat response. The SHQ Response Platform incorporates these frameworks to simplify risk … Read more