U.S. government cybersecurity experts are providing guidance on the "top 10" most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.
Microsoft has released new Zero Trust guidance for Azure Active Directory (Azure AD). The guidance is part of a broader "Zero Trust Security Strategy" to help organizations provide more secure access to corporate resources.
Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST's Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.
The Australian Cyber Security Centre (ACSC) has released new guidelines to assist organizations in securing Content Management Systems (CMS). The guidelines include good mitigation advice in areas of patching, account management, hardening and monitoring to name a few.
The National Security Agency (NSA) has released guidelines to help organizations mitigate cloud vulnerabilities. The NSA document includes four classes of vulnerabilities at most risk to threat actors.
Microsoft has introduced a new source code analyzer tool dubbed Microsoft Application Inspector. The tool is designed to "identify interesting features in source code" and can help enable developers understand software components your apps use.
On May 12, 2017, the now infamous WannaCry ransomware burst onto the worldwide scene. WannaCry infected over 200,000 systems and 150 countries in just 3 days.
The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10. OWASP will likely update the guidelines every three to fours years, similar to the other OWASP Top 10 series.
Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.