Thanks Storm-0558! Microsoft to expand default access to cloud logs
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …
U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity
The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less …
White House publishes National Cybersecurity Strategy Implementation Plan
The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, …
Beyond MFA: 3 steps to improve security and reduce customer authentication friction
For many people, life’s fundamental activities are now conducted online. We do our banking and shopping online, turn to the digital realm for entertainment and to access …
20 cybersecurity projects on GitHub you should check out
Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. …
ON2IT adds CISA Zero Trust Maturity Model to AUXO cloud platform
ON2IT announces the addition of the CISA Zero Trust Maturity Model into its Zero Trust as a Service platform, AUXO. Organizations can use ON2IT’s Zero Trust as a Service …
The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals
The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, …
Turla’s Snake malware network disrupted by Five Eyes’ authorities
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …
Apple rushes fixes for exploited zero-days in iPhones and Macs (CVE-2023-28205, CVE-2023-28206)
Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. Reported by …
Millions still exposed despite available fixes
Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and …
CISA releases free tool for detecting malicious activity in Microsoft cloud environments
Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution …
CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs
Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …