Data Breaches

Cybersixgill’s new IQ cybersecurity threat intelligence application promises to offer quicker and more digestible intelligence on potential threats on the dark web, by leveraging generative AI to provide automated reporting and dissemination of information. The idea is to simplify access to threat intelligence data, which ordinarily is done manually by analysts. According to the company’s announcement, Cybersixgill IQ, which is trained on the company’s own data sets, is able to “democratize” cybersecurity threat intelligence by…

Read More

Software supply chain security vendor Rezilion has announced the release of a new agentless solution for vulnerability management. It enables security teams to monitor exploitable software attack surfaces in runtime without using an agent, reducing the time and overhead required for traditional runtime-based software vulnerability analysis, according to the firm. Rezilion’s new solution covers all versions of Windows and Linux across 12 code languages, it said. Effective prioritization and remediation of software vulnerabilities can be…

Read More

With an ever-increasing number of cybersecurity threats and attacks, companies are becoming motivated to protect their businesses and customer data both technically and financially. Finding the right insurance has become a key part of the security equation, which is no surprise given that the average cost of a data breach in the US has risen to $9.44 million — more than twice the global average of $4.35 million. The global cyber insurance market was valued…

Read More

The developer of the recently exploited MOVEit Transfer application issued new updates after a third-party security audit identified additional SQL injection vulnerabilities. Customers are advised to deploy the new patches as soon as possible since attackers are clearly interested in exploiting this and other enterprise secure file transfer solutions. “In addition to the ongoing investigation into vulnerability (CVE-2023-34362), we have partnered with third-party cybersecurity experts to conduct further detailed code reviews as an added layer…

Read More

Okta said Tuesday that it’s set to launch a new offering, Okta Device Access, designed to extend the capabilities of its cloud-based identity and access management (IAM) service to enterprise desktops and other devices in hybrid work environments. The application, according to the company, aims to simplify logins while also offering stronger authentification features and achieving a zero trust security environment. Okta Device Access, deployed as part of Okta’s Workforce Identity Cloud service, will  launch…

Read More

Tension between difficult economic conditions and the pace of technological innovation, including the evolution of artificial intelligence (AI), is fueling the growth of the identity attack surface and identity-led cybersecurity exposure. That’s according to the CyberArk 2023 Identity Security Threat Landscape Report, which details how these issues have the potential to compound “cyber debt” where investment in digital and cloud technology outpaces cybersecurity spend. This create a rapidly expanding and unsecured identity-centric attack surface. The…

Read More

What’s in your Windows security policy? Do you review your settings on an annual basis or more often? Do you provide education and training regarding the topics in the policy? Does it get revised when the impact of an incident showcases that an internal policy violation led to the root cause of the issue? And, importantly, do you have a security policy that includes your firm’s overall policies around the increasing race towards artificial intelligence,…

Read More