The Cybersecurity and Infrastructure Security Agency (CISA) released the Cloud Security Technical Reference Architecture (TRA) and Zero Trust Maturity Model for public comment.
Microsoft is currently investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. The exploitation of this vulnerability may allow a remote attacker to take control of an affected system. In addition, this vulnerability has been detected in exploits in the wild.
The Securities and Exchange Commission (SEC) has sanctioned eight financial services firms for cybersecurity failures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm.
To help mitigate cybersecurity risks to managed service provider customers, the Cybersecurity and Infrastructure Security Agency released a resource, providing a framework that government and private sector organizations outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk.
Guardicore has discovered a new attack vector on Comcast’s XR11 voice remote that would have allowed attackers to turn it into a listening device – potentially invading your privacy in your living room.
By staying on top of open source trends, scanning frequently and working with security counterparts to get the information needed, developers can fix more third-party library flaws faster to develop more secure applications in the future.
Overcome human nature with a security mindset that uses what humans are best at: complex reasoning. Remember to trust your human nature – the intuition that you need to double-check “locking the doors” or other security steps.
Many companies aren’t focused on cybersecurity disciplines directly, nor do they know how to optimize their cybersecurity. Therefore, it becomes the customers’ IT and technology partners’ job to focus on the basics, creating a faster and more fluid response for their clients. Let’s look at three ways partners can advise customers on their cybersecurity needs.
