Recently published blogs
Let’s shed some light on this new vulnerability published by Palo Alto Networks. First off, what exactly is CVE-2024-3400? It’s a vulnerability in the GlobalProtect feature of Palo Alto Networks’ PAN-OS software, with the highest severity score of 10.
Palo Alto Networks published vulnerability CVE-2024-3400 that allows unauthenticated command injection (RCE) in the GlobalProtect feature of Palo Alto Networks PAN-OS software. Specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
For enterprises large and small, remote access is no longer a luxury; it’s an imperative. The once-crystal-clear boundaries between “work” and “home” have blurred, creating a tapestry of workspaces as diverse as the people who populate them.
Let’s assume for a moment that, one day, perhaps sooner, perhaps later, you will face the reality of a ransomware attack. Chances are that, in the moment, your cybersecurity team will turn to you as the decision maker.
Hollywood has a knack for dramatizing the digital battlefield. Let’s peel back the Hollywood façade and shine a light on what cybersecurity really looks like in the command centers of SOCs and CSIRTS.
A Cyber Security Incident Response Team is the emergency room of cybersecurity. You don’t want to need one, but once something bad happens, the ER doctors might just save your life. You don’t want to need critical incident response, but once a cyber incident occurs, you’ll be glad you have a team ready.
Prevention should be the holy grail of any cybersecurity strategy, but we know that 100% prevention is not realistic. So, what exactly happens when a serious threat is detected? Using a recent incident as an example, it is enlightening to follow the chain of events that starts when human SOC analysts decide that CSIRT action is required.
NIS2 has been in effect since January 2023, with a deadline of October 2024 for EU member states to publish and implement policy. Not only does NIS2 dictate new, stricter cybersecurity guidelines, but if European legislators can prove gross negligence, fines for both your company and you as the CEO of the company will be quite significant.
Multiplying these factors gives a numerical depiction of risk, aiding in its prioritization and management. For instance, a high-impact but low-likelihood event might be deemed acceptable. Yet, an event with moderate impact and high likelihood could be perceived as riskier. Real-world risk assessment is, of course, more intricate than this … Read more
One of the most notable data breaches this year was the MGM Resorts attack, which not only caused serious disruptions to MGM’s business, but also had far-reaching implications for their supply chain.
Though Zero Trust is here to stay, that doesn’t mean implementation is easy. Rob Maas is one of the leading Zero Trust consultants and the Field CTO at ON2IT. In this blog series, he’ll provide background and tips based on his years of practical experience implementing Zero Trust.
In our interconnected digital age, robust cybersecurity is as much about understanding what you’re defending as it is about the intricacies of the defenses themselves. Think of digital assets as a vast castle.
Many companies don’t stop to think about the status of their cybersecurity until a problem arises. Whether it’s a sudden transition to remote work or the abrupt implementation or alteration of compliance guidelines, the moment to then start thinking about your cybersecurity will already have passed.
In the digital age, where the fabric of our interconnected world is woven with threads of data and technology, the imperative for cyber resilience has never been more urgent.
As a CISO, or a head of IT: how do you appeal to the board to make sure they understand the value of good cybersecurity? In this blog, we offer some guidelines in the shape of a fictional speech to the board. Thank you for giving me the opportunity to … Read more
KEEP UP WITH
OUR LATEST RESEARCH
Want to stay in the loop on our latest cybersecurity research?
Sign up and get cybersecurity updates delivered straight to your inbox.
