Risk Management October 9, 2023

Moving beyond vulnerability scanning to strengthen your attack surface

5 min read - Staying one step ahead of potential breaches is a top priority for security teams within organizations of all sizes. Vulnerability scanning has long been a foundation of these efforts, allowing businesses to identify weaknesses in their security posture. However, as…

News July 19, 2023

The MOVEit breach impact and fallout: How can you respond?

4 min read - The MOVEit breach could be the most devastating exploitation of a zero-day vulnerability ever, and the effects continue to ripple across the globe. The widely used file-transfer program’s vulnerability has led to new victims coming forward weekly. Recently, the New…

Application Security July 17, 2023

The top 10 API security risks OWASP list for 2023

5 min read - As more organizations rely on the automation and scale that web applications and connected services provide, application programming interface (API) security has become imperative. In just the last year alone, unique attackers targeting customer APIs grew by 400%, proving that…

News May 31, 2023

HHS releases hospital cyber resiliency landscape analysis

4 min read - On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release of its Hospital Cyber Resiliency Initiative Landscape Analysis. This landmark analysis reports on domestic hospitals’ current state of cybersecurity preparedness. The scope…

Risk Management February 24, 2023

With 40% of Log4j downloads still vulnerable, security retrofitting needs to be a full-time job

4 min read - Vulnerabilities like Log4j remain responsible for security breaches a full year after the discovery of the flaw. In the months after widespread reporting about the vulnerability, 40% of Log4j downloads remained vulnerable to exploitation. Rapid response — by both security…

Risk Management December 21, 2022

Don’t wait to embrace CISA’s vulnerability management rules

4 min read - Vulnerability management is the time-consuming process of finding and patching a seemingly unlimited number of potential risks. The National Institute of Standards and Technology (NIST) reports more than 23,000 new vulnerabilities for 2022, where more than 17,000 are classified as…

Data Protection November 29, 2021

What the SEC Requires From Businesses After a Data Breach

4 min read - Consumers have become wary of data breaches and the decreased safety of their personal information. However, the cost of a data breach is no longer only a matter of money and your company’s good name. There is now a third…

Software Vulnerabilities August 17, 2020

New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud

4 min read - X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,”…

Software Vulnerabilities August 6, 2020

Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away

5 min read - Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise.   The threat is certainly less risky…

June 1, 2020

Weekly Security News Roundup: Average Ransomware Demand Grew 14 Times in One Year

3 min read - Researchers revealed that the average ransomware demand grew 14 times over a one-year period from 2018 to 2019. Read on to learn what else happened last week in security news.