Security News
The US government's 120-day Cybersecurity Apprenticeship Sprint has come to an end. The initiative has resulted in more than 190 new cybersecurity programs and 7,000 apprentices getting hired.
Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.
E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores.
As part of last month's Cybersecurity Awareness Month, I was traveling around the globe to provide organizations actionable tips on how to strengthen their cybersecurity posture and allow for accelerated recovery from cyberattacks. Through my conversations with hundreds of analysts, system integrators, and security professionals one thing became apparent – many of them understand that it's no longer a matter of ‘if' but ‘when' an organization will suffer a data breach. This means that instead of primarily focusing efforts on keeping threat actors out of the network, it's equally important to develop a strategy to reduce the impact. In turn, many organizations have started adopting a new strategy to cope with today's increased cyber threats, which is called ‘cyber resilience'.
The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT actors that used the Log4j crisis to slip undetected into corporate networks.
