You are here

Home » Cybersecurity

Cybersecurity

Security Awareness – Getting Cybersecurity Right Includes Training the People

Seemingly everyday a new vulnerability or malware appears in the news heralding a new threat. However, despite the rise in cyber vulnerabilities and malware, humans remain the primary vector through which organizations are attacked and compromised. Thus, one of the most effective ways to manage this risk is to conduct frequent security awareness training courses. Awareness training helps cybersecurity professionals better manage human risk by altering how employees think about cybersecurity and teaching them to carefully consider their behaviors.

Cyber Resilience – NCSC Stresses Staff Well-Being During the Extended Russia-Ukraine Conflict

The U.K.’s National Cyber Security Centre (NCSC) recently issued guidance urging organizations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine conflict. The NCSC assesses the cyber threat to the UK stemming from the conflict remains heightened and organizations are urged to not let their guard down. This new guidance specifically includes resources and tips to support staff resilience, as during an extended period of heightened cyber threat, systems, processes, and the workforce will come under increasing pressure.

Threat Awareness – Firmware Attacks Precipitated by Legacy Devices and Hybrid Work Models

The threat of compromise via firmware attacks is becoming an increasing concern for IT professionals. Between hybrid work models and continued reliance on legacy systems, it’s increasingly more challenging for IT staff to secure firmware on devices that may not be in the office or older systems that simply don’t support device security.

Ransomware Awareness – Black Basta Borrowing from the Best

A new ransomware group has targeted almost 50 victims within the two months of its emergence in the wild and it hasn’t even begun its marketing or affiliate campaign yet. The Black Basta ransomware first became operational in April 2022 and is the latest ransomware gang seeking to extort enterprises. Researchers believe Black Basta’s quick rise to prominence is due to its potential close ties with and copying the techniques of other successful ransomware groups such as Conti and REvil.

2022 CWE Top 25 Most Dangerous Software Weaknesses

The Homeland Security Systems Engineering and Development Institute, sponsored by the Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The Top 25 uses data from the National Vulnerability Database (NVD) to compile the most frequent and critical errors that can lead to serious vulnerabilities in software.

(TLP:WHITE) Threat and Vulnerability Advisory: Important Notification Regarding Compromise of Unpatched VMware Horizon and Unified Access Gateway with Log4Shell Exploit

Attention: Action required if your utility uses affected VMware Horizon® and Unified Access Gateway (UAG) servers in your environment and they are not up-to-date with current vendor patches or recommended workarounds.

Pages

Subscribe to Cybersecurity