CISOs struggling to understand value of security controls data
Many CISOs are grappling with the conundrum of the purpose and value of security controls data in supporting critical business decisions, according to Panaseer. The biggest …
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)
The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental …
VMware patches critical vulnerability in vCenter Server (CVE-2023-34048)
VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its …
What is operational risk and why should you care? Assessing SEC rule readiness for OT and IoT
The newly released Security and Exchange Commission (SEC) cyber incident disclosure rules have been met with mixed reviews. Of particular concern is whether public companies …
Security leaders have good reasons to fear AI-generated attacks
Generative AI is likely behind the increases in both the volume and sophistication of email attacks that organizations have experienced in the past few months, and it’s …
Consumers are taking action to protect their privacy
Younger consumers are taking deliberate action to protect their privacy, as 42% of consumers aged 18-24 exercise their Data Subject Access Rights, compared with just 6% for …
1Password also affected by Okta Support System breach
Following in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. “On September 29, we …
Bracing for AI-enabled ransomware and cyber extortion attacks
AI has been the shiniest thing in tech since at least November 2022, when ChatGPT was made available to the masses and unveiled the transformative potential of large language …
Wazuh: Free and open-source XDR and SIEM
Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings. …
The primary pain points for SOC teams
Security professionals want to pursue high-impact work, but they’re being held back by growing workloads, shrinking budgets, and a worsening skills shortage, according to …
Today’s CIO has ambitions well beyond IT delivery
45% of CIOs are beginning to work with their CxO peers to bring IT and business area staff together to co-lead digital delivery on an enterprise-wide scale, according to …
Microsoft announces wider availability of AI-powered Security Copilot
Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? …