CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access....
Cybersecurity Snapshot: 6 Things That Matter Right Now
Topics that are top of mind for the week ending Oct. 7 | CISA puts spotlight on asset inventory and vulnerability management | Think tank does deep dive on IoT security | What’s the current state of cybersecurity? Not great | New malware cracks monthly top 10 list | And much more!...
Public Network Access to Azure Resources Is Too Easy to Configure
For some types of Microsoft Azure resources and subnets, it’s extremely easy to configure what is essentially public network access. We describe here some examples and how to reduce such risks....
Die neue Exposure Management-Plattform Tenable One
Antizipieren Sie mögliche Angriffe. Reduzieren Sie proaktiv Ihr Cyberrisiko. Communicate with your key stakeholders....
Exposure Management: Risikoreduzierung auf der modernen Angriffsoberfläche
Cybersecurity-Teams haben mit reaktiven und isolierten Sicherheitsprogrammen und mit einer Vielzahl von Einzeltools zu kämpfen, die zwar haufenweise fragmentierte Daten generieren, aber nur wenige Erkenntnisse liefern. Here we explain why they need an exposure management platform that provides comprehensive visibility and allows them to anticipate...
CVE-2022-41040 and CVE-2022-41082: ProxyShell Variant Exploited in the Wild
Microsoft has confirmed reports of two zero-day vulnerabilities in Microsoft Exchange Server that have been exploited in the wild. Patches are not yet available....
Cybersecurity Snapshot: 6 Things That Matter Right Now
Topics that are top of mind for the week ending Sept. 30 | Are you ready for the quantum threat? | Tips for protecting critical infrastructure from cyberattacks | How to prevent MFA fatigue attacks | “FiGHT” to secure 5G networks | And much more!...
Diving Deeply into IAM Policy Evaluation: Highlights from AWS re:Inforce IAM433
One of the most talked-about sessions at AWS re:Inforce was IAM433, which discussed AWS IAM’s internal evaluation mechanisms....
The shift to integrated cybersecurity platforms: a growing trend among CISOs
New ESG and ISSA study shows nearly half of organizations are shifting towards integrated cybersecurity platforms. Here’s why many CISOs are making the shift. Less complexity, more security. The shift to integrated cybersecurity platforms has become a growing trend among CISOs. With security t...
Cybersecurity Snapshot: 6 Things That Matter Right Now
Topics that are top of mind for the week ending Sept. 23 | A digital trust disconnect between theory and practice | Don’t ignore attack surface management | An SBOM 101 | Report finds hackers targeting small businesses | And much more!...
Five Lessons Every Cybersecurity Team Can Learn from the Uber Incident
Upon hearing of a cybersecurity incident, alleged or factual, the most productive thing to do is learn what you can from its main lessons....
$1 Billion State and Local Cybersecurity Grant Program Now Open for Applicants
As threats continue to evolve, state and local governments benefit from federal grant funding to bolster their cybersecurity posture....
