Social Engineering Testing: Countering Phishing in the Metaverse Imagine this scenario: you’re walking through a bustling digital marketplace in the Metaverse when an old friend, or at least someone who looks like them, hands you a digital envelope. You open it, and suddenly, your virtual assets are drained. Welcome to the next frontier of phishing: […]
Social Engineering TestingSecuring Cloud Data: An Advanced SOC 2 Compliance Checklist The surge in cloud technology adoption has brought numerous advantages, from scalable storage solutions to cost-effective infrastructure. Yet, with these benefits come unique challenges, especially in ensuring the security and privacy of data. The Service Organization Control 2 (SOC 2) framework emerges as a key player […]
SOC 2 ComplianceRevolutionizing High-Level Cybersecurity Risk Assessment with AI The fusion of artificial intelligence (AI) with cybersecurity is akin to putting on a pair of infrared goggles in a dark room. Suddenly, risks that once lurked unseen in the shadows become glaringly apparent, offering organizations the opportunity to bolster their defenses and outmaneuver digital adversaries. The Changing […]
High-Level Risk Assessment
In the realm of cybersecurity, the stakes are sky-high, and at its core lies secrets management — the foundational pillar upon which your security infrastructure rests. We’re all familiar with the routine: safeguarding those API keys, connection strings, and certificates is non-negotiable. However, let’s dispense with the pleasantries; this isn’t a simple ‘set it and […]
Cyber News
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct […]
Cyber News
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large company” to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to their advantage, the development marks the first […]
Cyber News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows for a complete compromise of a […]
Cyber News
If you have been optimistically daydreaming that losses attributed to cybercrime might have reduced in the last year, it’s time to wake up. The FBI’s latest annual Internet Crime Complaint Center (IC3) report has just been published and makes for some grim reading. According to the IC3 report, online fraud hit record losses in 2023, […]
Cyber News
Ransomware HALTS beer production at Belgium’s Duvel brewery | Graham Cluley Watch this video on YouTube Bad news folks. I’m afraid that the people of Belgium are dealing with a national emergency. Yes, I’m afraid that a ransomware attack hit a part of Belgium’s critical infrastructure on Tuesday night. Sign up to our free newsletter.Security […]
Cyber News