Month: December 2024
We look back at the internet’s scariest moments, the boldest defenders, and the most surprising tech twists of 2024—groundbreaking legislation, international scam-rings, and the growing fight to make the internet a safer place for everyone. Happy New Year! Source link lol
Read More
Mid-sized enterprises increasingly find themselves in need of a CNAPP, as their cloud adoption matures. But how should they go about selecting the right one? What questions should they ask and what criteria should they use? Here we unpack six key considerations that’ll help them evaluate their options and make an informed decision. As cloud…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Read MoreLinux–Linux In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected, cpu_max_bits_warn() generates a runtime warning similar as below when showing /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ————[ cut here ]————…
Read More
In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules. This pushed C-level executives and boards to adopt measures for compliance and transparency. In this post, we look at the enforcement actions the SEC has taken and what public company CISOs should do to stay in compliance.…
Read More
Wondering what cybersecurity trends will have the most impact in 2025? Check out six predictions from Tenable experts about cyber issues that should be on your radar screen in the new year — including AI security, data protection, cloud security … and much more! 1 – Data protection will become even more critical as AI…
Read More
Chester Frilich lost everything to scammers, and he didn’t just lose his money—he lost hope, too. Bob Sullivan joins us to recount this devastating case, revealing the IRS’s unintentional role in punishing victims, and how advocacy and legislation could turn things around. Source link lol
Read MoreMS-ISAC ADVISORY NUMBER: 2024-141 DATE(S) ISSUED: 12/23/2024 OVERVIEW: A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source web application framework used for developing Java web applications. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-44207 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…
Read More
Xerox says the deal, unveiled Monday, will ‘strengthen the Xerox core print portfolio and build a broader global print and managed print services business better suited to meet the evolving needs of clients in the hybrid workplace.’ Global print giant Xerox said it has struck a deal to buy rival, partner and supplier Lexmark for $1.5 billion from the company’s Chinese owners in a…
Read More