To celebrate Cyber Awareness Month, we’re releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Detect” Security Function, which you can find here. We’ll take you…

To celebrate Cyber Awareness Month, we’re releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Recover” Security Function, which you can find here. We’ll take…

To celebrate Cyber Awareness Month, we’ve been releasing a series of posts outlining ways Cybersecurity Performance Management (CPM)TM can help you improve your cyber performance, reduce risk, and increase cyber ROI—all through the lens of the NIST Cybersecurity Framework (CSF). Last week, we talked about the “Recover” Security Function, which you can find here. Today…

In recent years, businesses have struggle in the face of an ever-growing threat from cybercriminals. The increased sophistication and automation of malware distribution has resulted in an arms race between malware developers and system owners, who need to be on top of their game in remediating flaws as they become known. Rapid vulnerability exploitation has…

Computer hardware maker Zotac has exposed return merchandise authorization (RMA) requests and related documents online for an unknown period, exposing sensitive customer information. Zotac, known for its range of compact and mini PCs, high-performance graphics cards, motherboards, and computer accessories, has misconfigured the web folders that hold RMA data, resulting in them being indexed by…

In today’s cybersecurity landscape, ensuring the implementation of best practices is essential for a resilient critical infrastructure where negative public impact is minimized when an event occurs.  The Cybersecurity and Infrastructure Security Agency (CISA) has developed Cross-Sector Cybersecurity Performance Goals (CPGs) to help organizations prioritize their cybersecurity efforts. In this post we’ll take a closer…

In an ongoing extortion campaign against Ticketmaster, threat actors have leaked almost 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae, and Foo Fighters. The tickets were leaked by a threat actor known as ‘Sp1derHunters,’ who is selling data stolen in recent data theft attacks from Snowflake accounts. In April,…

A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data. Hunt’s findings come after the company filed a breach notification with the Office of…

The Internet of Things (IoT) has revolutionized how we interact with technology, but it has also brought significant cybersecurity challenges. As IoT devices proliferate, from smart homes to industrial systems, they create numerous entry points for cyber threats. The sensitive data these devices handle and their integration into critical infrastructure underscore the need for robust…