Cybersecurity

RSS

Blumira research team has discovered an alternative attack vector in the Log4j vulnerability that relies on a basic Javascript WebSocket connection to trigger the RCE locally via drive-by compromise.

Here are seven questions to ask vendors to guide your organization's evaluation of enterprise resource planning (ERP) application security, risk and compliance solutions.

Make your list and check it twice: by prioritizing authentication, eliminating passwords, deploying MFA and focusing on user experience, retail enterprise security leaders can ensure that hackers only get a lump of coal in their stockings.

Let's look at how to get the most out of your Product Security Incident Response Team (PSIRT) investment.

As retailers prepare for one of the busiest times of the year, let’s discuss some of the challenges and priorities to consider now to manage the evolving cybersecurity landscape ahead of the holidays.

As many have seen, the Log4Shell vulnerability, which was discovered over the weekend, is an extremely serious flaw and will likely impact organizations for years to come. Here’s what we know thus far, and how enterprises can remain safe as this vulnerability persists.
 

The Chief Information Security Officer (CISO) role has evolved greatly since its inception in 1995. Review the pros and cons of different CISO reporting models when it comes to business resilience and cybersecurity.

Albert King, the Chief Data Officer of the Scottish Government, discussed the key aspects involved in Scotland's artificial intelligence (AI) strategy in a session of Cognilytica's AI in Government speaker series. The country prioritizes data as a means to improve decision-making and enable national goals.

Cybersecurity leaders are concerned that attackers could further weaponize the Log4j security vulnerability by creating a "worm" that spreads automatically from one vulnerable device to another. 

A Vulcan Cyber study highlights the struggle of IT security teams to transition from simple vulnerability identification to meaningful response and mitigation, limiting the risk insights business leaders and IT management professionals need to effectively protect valuable business assets.