Why Do I Need SOC 2?
Whenever you serve the public, trust is everything. Your customers must have faith that you'll protect their personal information. How can you assure potential new clients that your business is worthy of their trust? One approach is to undergo a System and...
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Twilio and Cloudfare employees have seen targeted attacks against them in a much larger phishing campaign. The phishing campaign has successfully compromised 9,931 accounts across 130 different organizations. The campaign focused on the abuse of identity and access...
Python Developers are Targeted by WASP Stealer in an Ongoing Attack on Supply Chain
An ongoing supply chain attack has seen the spread of the W4SP Stealer virus. So far, the malicious Python packages have infected over 100 persons. In a technical write-up, Checkmarx researcher Josef Harush echoes that the threat actor is still active and sending out...
Zero-Trust Initiatives Stall, as Cyberattack Costs Rocket to $1M Per Incident
Both large and medium-sized organizations need help to offset increasing data losses and a steep increase in downtime. As if this was not enough, organizations must also be content with high recovery costs after a cyber-attack. A cyberattack costs an organization...
Former Uber CISO Joe Sullivan Found Guilty Over Breach Cover-Up
Sullivan was arrested and charged with two felonies: obstruction of justice and misprision. During his tenure as Chief Security Officer (CSO) at Uber (April 2015–November 2017), the firm suffered a data breach in which over 50 million customers and drivers' personal...
Windows Mark of the Web Zero-Days Remain Patchless
Microsoft's Mark of the Web (MOTW) is a security feature that prevents malicious files and attachments from being downloaded or opened. However, two independent vulnerabilities exist in various versions of Windows that allow attackers to bypass this protection. Will...
Are You Ready for the New ISO 27001:2022?
This year has seen the first significant update to ISO 27002 since 2013. These modifications reflect in Annex A's security controls for organizations with ISO 27001 certification. ISO 27001 is a standard for ISMS (information security management systems) that...
SOC 2 Compliance 101: All You Need to Know
Blog Protecting consumers' personal information is crucial for modern businesses. SOC 2 is the industry standard for handling this significant responsibility to ensure dependable security procedures. This all-inclusive guide will explain the concept of SOC 2...
Effects of Cloud Complexities on Cybersecurity
Venafi, a company that makes artificial ID solutions, recently conducted a study to learn more about the effects of cloud complexities on cybersecurity. According to a poll conducted by Venafi among 1,101 security decision-makers (SDMs) at enterprises with over 1,000...
VMware ESXi Hypervisors Vulnerable to a New and Deadly Attack Method
According to the security firm, a threat actor headquartered in China utilized tainted vSphere Installation Bundles to plant multiple backdoors in targeted computers. VMware published urgent new mitigation measures and advice for customers of its vSphere virtualized...