The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance
by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for…
Data Breaches are a Dime a Dozen: It’s Time for a New Cybersecurity Paradigm
Data breaches have accelerated quickly in 2024. Google ‘data breach’ and you’re in for a whirlwind of high-profile names scattered…
Windows Server 2025 released—here are the new features
Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday,…
Why Did Snowflake Have a Target on It? Handling Data Warehouse Security Risks
In early June, the Ticketmaster breach brought widespread attention to the fact that Snowflake accounts did not require multi-factor authentication…
New tool bypasses Google Chrome’s new cookie encryption system
A researcher has released a tool to bypass Google's new App-Bound encryption cookie-theft defenses and extract saved credentials from the…
It’s Time to Sound the Alarm on SMB Cyber Threats
There’s an unnerving secret many of us in cybersecurity have noticed. And if you think your company is “too small”…
Could Security Misconfigurations Become No. 1 in OWASP Top 10?
As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack.
How a Centuries-Old Company Reached Security Maturity
In this case study, a 180-year-old life and pension insurer brought its security infrastructure into the modern age.
Progress LoadMaster vulnerable to 10/10 severity RCE flaw
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT)…
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service…