Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished. As Dr. …
Product showcase: Is Crystal Eye XDR the most comprehensive security platform on the market?
In this product showcase, we look at Red Piranha’s Crystal Eye XDR platform. Red Piranha pioneered the integrated security service model back in 2015 with out of the box MDR …
Password offenders: Who’s the naughtiest of them all?
In 2021, we’re celebrating the 60th anniversary of the computer password’s invention, but it also marks the year of some of the worst password mishaps this century. To honor …
Passwordless verification API transforms every mobile phone into a security token for zero trust access
What is small, tamper-proof, cryptographically secure, and already used by 6.37 billion people? The SIM card. We carry this compact piece of secure tech everywhere without …
How healthcare providers handle safeguards to protect payment and PII
Semafone released a survey which aimed to identify the underlying consumer sentiment on payment experiences with their healthcare providers. Over the last 20+ months, the …
Why are data professionals investing in data governance programs?
Precisely and Drexel University’s LeBow College of Business (LeBow) released findings from their data management survey. The report provides insights into the potential …
Foundational cloud security with CIS Benchmarks
Cloud service providers (CSPs) have changed the way organizations of all sizes architect and deploy their IT environments. CSPs now make it possible for organizations to …
The cyber risk future doesn’t look good, but organizations are ready
A Trend Micro report predicts global organizations will emerge more alert and better prepared in 2022 thanks to a comprehensive, proactive, cloud-first approach to mitigating …
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to …
Ransomware hits HR solutions provider Kronos, locking customers out of vital services
The end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group …
Enterprise email encryption without friction? Yes, it’s possible
Secure communication enables more efficient communication and the secure exchange of digital documents. It can also be a fantastic customer service tool and – crucially …
Hybrid work is dead, long live “work”
As we head into 2022, work will no longer be distinguished by where an employee (or student) is working or learning from. Work from wherever, on whatever device, will simply …