Since 2004, October has been recognized as Cybersecurity Awareness Month by organizations like the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA), which are dedicated to helping individuals better protect themselves against online threats. This year CISA and NCA are focusing on the human element of security, with the 2022 Cybersecurity…
Read More
One of the unfortunate truths for trust and fraud teams is that they spend more time fighting within their organization to get access to the data they need than they do fighting bad actors. These teams often build collaborative relationships with cybersecurity teams to address issues like credential stuffing and bots, but a new generation…
Read More
Context Microsoft has shared mitigation measures, which are included below, to block attacks exploiting the flaw, designated CVE-2022-30190, while a patch is being developed. Microsoft‘s entry for CVE-2022-30190 indicates it affects MSDT on all versions of Windows and Windows Server and has detected exploitation in the wild. The remote code execution vulnerability exists when Microsoft Support Diagnostic Tool (MSDT) is called using the…
Read More
Security spend for eCommerce companies grows year on year, and according to data researched by BigCommerce, 77% of businesses bought new security tools in the last year, and 69% have added security headcount to their teams. However, is this security being targeted in the right direction? In particular – how much attention do you put…
Read More
For many enterprises, zero trust has emerged as the North Star of modern cybersecurity frameworks, designed to help organizations reduce their attack surface and risk by applying principles of least privilege or a “never trust, always verify” approach. Some zero trust-based security controls, like multi-factor authentication (MFA), are designed to add layers of login defense…
Read More
