As more businesses move towards cloud-based networks and data centers, there is a growing demand for secure access service edge (SASE) platforms that can provide reliable and efficient protection against cyber threats. However, one of the biggest challenges faced by network administrators is the traffic overhead created by SASE platforms. To address these concerns, Cato Networks has successfully created an
Artificial Intelligence (AI) has transformed numerous fields, making previously impossible tasks feasible. The use of generative AI in cybersecurity has been a breakthrough in securing sensitive data and systems from potential attacks. However, the same AI advancements that have made it easier to secure systems could also be used by bad actors to create powerful weapons capable of breaching cloud-based
St. Margaret’s Health in Illinois has announced the closure of its Peru and Spring Valley hospitals, citing a ransomware attack that occurred in February 2021 as one of the contributing factors. This decision marks the first time that a healthcare facility has linked its closure to a cyberattack. The closure of the hospitals will have a significant impact on the
Obsidian is a cybersecurity firm specializing in providing protection to individuals and businesses against all forms of cyber threats. Recently, they documented a successful ransomware attack on Sharepoint Online (Microsoft 365). The attack was carried out by hackers exploiting a Microsoft Global SaaS admin account, deviating from the standard compromised endpoint method. The victim sought assistance from Obsidian’s product and
Recent years have seen a significant increase in the use of unmanned aerial vehicles (UAVs) across a wide range of industries, from agriculture to law enforcement. While UAVs offer numerous benefits, including cost savings, improved safety, and greater efficiency, their increased use has also made them a target for cyberattacks. Now, new research from cybersecurity firm IOActive has found that
Fortinet has issued a warning to its customers that a recently patched vulnerability, identified as CVE-2020-27997, could potentially be a zero-day flaw that may have already been exploited in limited attacks. The severity of the threat prompted Fortinet to confirm that the latest FortiOS and FortiProxy updates address the flaw, which it has described as a critical heap-based buffer overflow
Mandiant, a cybersecurity company, has recently identified the Chinese cyber espionage group UNC3886 exploiting a zero-day vulnerability in the VMware ESXi hypervisor to escalate privileges on guest virtual machines. The group has been observed deploying malicious vSphere Installation Bundles (VIBs) on ESXi hypervisors to gain command execution, file manipulation, and reverse shell capabilities. UNC3886 is known for targeting technology, defense,
Amazon Web Services (AWS), the cloud computing division of Amazon, has released a new DevSecOps service that expands third-party integrations for its existing AI-driven security scanning tool. The new service, called Amazon CodeGuru Security, is a static application security testing (SAST) tool that primarily focuses on automatically detecting security vulnerabilities in Java, Python, and JavaScript code. AWS has positioned the
The rapidly evolving blockchain and cryptocurrency industries have introduced new challenges that require innovation and creativity. Blockchain consensus protocols, such as Proof-of-Work (PoW) and Proof-of-Stake (PoS), have been developed to secure the integrity and validity of blockchain transactions. While each consensus mechanism has its own strengths and weaknesses, the question of which is the best choice continues to spark debates
Managed file transfer (MFT) software is a crucial tool for organizations to securely transfer large or sensitive files. However, a recently patched zero-day vulnerability in MOVEit Transfer, a popular MFT software, has caused significant concerns among its users. Widely exploited zero-day CVE-2023-34362 is a zero-day vulnerability that affected MOVEit Transfer and was widely exploited from May 27, causing alarm bells
As the world becomes more reliant on software, securing our software supply chains has become increasingly vital. Cybersecurity threats are evolving and becoming more sophisticated, with attackers focusing their efforts on exploiting vulnerabilities in CI/CD pipelines. While DevOps methodologies have improved the speed and quality of software development, the integration of security, known as DevSecOps, is now seen as essential
Cybercrime has become one of the most pressing global risks in today’s world. According to the World Economic Forum, cybercrime is currently ranked among the top 10 global risks. In light of this, the importance of cybersecurity and the role of cyber professionals in addressing this risk cannot be overstated. Unfortunately, there is a severe talent shortage in cybersecurity, which
