The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday announced the release of a Stakeholder-Specific Vulnerability Categorization (SSVC) guide that can help organizations prioritize vulnerability patching using a decision tree model.
Gaping Authentication Bypass Holes in VMWare Workspace One
Virtualization technology giant VMware joined the Patch Tuesday train this week to deliver urgent security patches to its VMWare Workspace One product.
Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone
Offense Gets the Glory, but Defense Wins the Game
When it comes to cybercriminals, defense evasion remains the top tactic globally. In fact, it was the most employed tactic by malware developers in the past six months – and they’re often using system binary proxy execution to do so. Hiding malicious intentions is one of the most important actions for adversaries. Therefore, they are attempting to evade defenses by masking malicious intention and attempting to hide commands using a legitimate certificate.
Webinar Today: ESG – CISO’s Guide to an Emerging Risk Cornerstone
Engineering Workstations Used as Initial Access Vector in Many ICS/OT Attacks: Survey
Organizations are more confident in their ability to detect an OT breach
Bearer, Notebook Labs, Protexxa Raise Millions in Seed Funding
Bearer, Notebook Labs, and Protexxa, three cybersecurity startups dealing with data security, web3 identity, and enterprise cyber hygiene, respectively, have announced raising a combined total of over $10 million in seed funding.
Deepfakes – Significant or Hyped Threat?
There have been many warnings of the rising cybersecurity threat from deepfakes, but little hard evidence that the threat is current. SecurityWeek spoke to Nasir Memon, an IEEE Fellow and NYU professor to understand the current state and future significance of deepfakes.
How to Prepare for New SEC Cybersecurity Disclosure Requirements
Many organizations used to hit the mute button whenever discussions about cybersecurity came up, but this silence has been breaking more frequently as more businesses are victimized by hackers and experience effects that hit their bottom line in ways that require them to share the information with regulators.
DHS Develops Baseline Cybersecurity Goals for Critical Infrastructure
The DHS on Thursday announced Cybersecurity Performance Goals (CPGs) to help organizations — particularly in critical infrastructure sectors — prioritize cybersecurity investments and address critical risks.