Scott R. Davis

SEPTEMBER 17, 2022

September 16, 2022 – The Cyber Security Association of Pennsylvania and it's President Scott R. Uber has announced that they are investigating a wide-reaching security breach that was started when an employee answered a text message from a person impersonating IT support with their user credentials. What do you do?

Alert 246

Alert Security Communications Vulnerability 246

Assurance IT

JUNE 22, 2021

Did you know that in 2020, over 18,000 vulnerabilities were created? When your computer is linked to an insecure network your software security can be compromised. Updates that are forgotten, product flaws, and unresolved developer issues expose your clients to computer security risks. What is a Vulnerability?

Vulnerability 52

Vulnerability Security Authentication Application 52

Unitrends

JUNE 3, 2024

Proven, secure BCDR is essential in today’s always-on, digital world to respond swiftly to and […] The post Truth, Lies and BCDR: Are Your Software-based Backups Vulnerable? appeared first on Unitrends.

Vulnerability 52

Vulnerability Backup Disaster Recovery Business Continuity 52

Pure Storage

JANUARY 21, 2022

In December, a critical zero-day vulnerability was reported in the widely used Log4j framework. Log4j is so ubiquitous, in fact, that Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called this “the most serious vulnerability I have seen in my decades-long career.”. What Is the Log4j Vulnerability?

Vulnerability 105

Vulnerability Internet Cybersecurity Authentication 105

Citrix

DECEMBER 13, 2021

was made public on December 9, 2021, as to which JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other … The post Guidance for reducing Apache Log4j security vulnerability (CVE-2021-44228) risk with Citrix WAF first appeared on Citrix Blogs. beta9 to 2.14.1

Vulnerability 85

Vulnerability Security Cybersecurity 85

Citrix

MAY 9, 2022

The HTTP protocol stack remote code execution vulnerability (CVE-2022-21907) lies in the management of HTTP Trailers by the kernel mode driver http.sys.

Vulnerability 71

Vulnerability Security Authentication Management 71

Citrix

NOVEMBER 7, 2022

November has started with the announcement of a high security OpenSSL vulnerability. Now that everyone is hopefully … The post Worried about the latest OpenSSL vulnerability? OpenSSL has released a blog post that provides more detail, and OpenSSL versions 3.0.0 through 3.0.6 are the ones to watch out for.

Vulnerability 75

Vulnerability Banking Technology Security 75

Citrix

JANUARY 9, 2023

Cambium Networks has issued upgrade packages for their on-premises cnMaestro product for fixing a vulnerability which allowed a pre-auth data exfiltration through improper neutralization of special elements used in an SQL statement.

Vulnerability 68

Vulnerability Mitigation Security 68

The Rand Blog

AUGUST 8, 2024

The decline of local media in the United States creates vulnerabilities to adversarial influence. Supporting local journalism is essential for strengthening democracy and ensuring timely detection of security threats.

Media 108

Media Security Vulnerability 108

Citrix

SEPTEMBER 1, 2022

Citrix has crafted new signatures and has updated its Citrix Web App Firewall signature file to help customers mitigate the recent authentication bypass vulnerability in multiple versions of Atlassian Confluence app (versions prior to 2.7.38 and 3.0.5).

Authentication 74

Authentication Vulnerability Mitigation Architecture 74

Behavior Group

JANUARY 30, 2019

With more than 16,500 known security vulnerabilities being catalogued, 2018 set a new record over last year’s previous record of 14,714. The post 2018 Set a New Record for Security Vulnerabilities appeared first on Behaviour Portugal.

Vulnerability 52

Vulnerability Security 52

Citrix

APRIL 1, 2022

Citrix recommends that customers … The post Guidance for reducing Spring4Shell security vulnerability risk with Citrix WAF (CVE-2022-22963 / CVE-2022-22965) first appeared on Citrix Blogs. A zero-day exploit affecting the Spring Framework versions (5.3.0 to 5.3.17, 5.2.0

Vulnerability 66

Vulnerability High Availability Security 66

Acronis

OCTOBER 23, 2024

Discover the importance of regular security patching in 2024 and how to stay ahead of evolving cyber threats. Understand the security patching process, from identifying vulnerabilities to applying patches seamlessly with the best practices for effective patch management, ensuring your systems stay updated and secure.

Security 52

Security Vulnerability Management Technology 52

Unitrends

JUNE 3, 2024

Proven, secure BCDR is essential in today’s always-on, digital world to respond swiftly to and […] The post Truth, Lies and BCDR: Are Your Software-based Backups Vulnerable? appeared first on Unitrends.

Vulnerability 40

Vulnerability Backup Disaster Recovery Business Continuity 40

Security Industry Association

OCTOBER 16, 2023

The Security Industry Association (SIA) stands in strong support of the recent bipartisan initiative led by Sens. urging increased funding to the Nonprofit Security Grant Program (NSGP). In a world faced with rapidly growing and ever-evolving security threats, this program is more crucial than ever before. Chris Murphy (D-Conn.),

Security 111

Security Vulnerability Capacity Management 111

Security Industry Association

SEPTEMBER 20, 2023

While the immediate consequences of a government shutdown are felt most by federal employees, its ripple effects impact various industries, notably including the security industry. How does a government shutdown impact the security industry?

Government 111

Government Security Vulnerability Authorization 111

MHA Consulting

NOVEMBER 30, 2023

Instead, they should be developed in coordination with the cybersecurity department to ensure that recovery measures do not inadvertently create vulnerabilities that can be exploited by hackers. The best way to do this is by making sure business continuity is integrated into a robust information security governance framework.

Security 103

Security Outage Vulnerability Cybersecurity 103

Behavior Group

SEPTEMBER 12, 2018

No matter how many layers are added to your security stack, nor how much phishing education and awareness training you do, threat actors continue to develop more sophisticated ways to exploit the human vulnerabilities with socially engineered attacks. In fact, as security defenses… Continue reading.

Vulnerability 52

Vulnerability Security Education Cybersecurity 52

Cloudian

FEBRUARY 11, 2021

The UK’s National Cyber Security Centre recently reported that it handled more than three times as many ransomware incidents as in the previous year. The post Overcoming Human Vulnerabilities that Open the Door to Ransomware appeared first on Cloudian.

Vulnerability 95

Vulnerability Cybersecurity Security Business Continuity 95

Security Industry Association

OCTOBER 19, 2023

The sUAS technology impact on society is in all aspects revolutionary in that it is changing many facets of everyday life while reshaping the security and safety landscape. This shift is something that security professionals are starting to respect, and the need for support, knowledge and information exchange is critical.

Security 105

Security Mitigation Vulnerability Emergency Response 105

Citrix

JANUARY 9, 2023

Cambium Networks has issued upgrade packages for their on-premises cnMaestro product for fixing a vulnerability which allowed a pre-auth data exfiltration through improper neutralization of special elements used in an SQL statement.

Vulnerability 52

Vulnerability Mitigation Security 52

Disaster Zone Podcast

APRIL 12, 2022

Their vulnerability has been highlighted in many different ways during the COVID-19 Pandemic. Their vulnerability has been highlighted in many different ways during the COVID-19 Pandemic. Supply chains have been in the news for the last two years. Hear first hand expert insights from Eric on his Podcast , Blog & EricHoldeman.com.

Command Center 130

Command Center Damage Assessment Security Emergency Response 130

Security Industry Association

MAY 23, 2023

The Security Industry Association (SIA) has secured approval from the U.S. Department of Labor for its national program standards establishing a new apprenticeship initiative for security technicians and installers. SILVER SPRING, Md. –

Security 98

Security Cybersecurity Education Technology 98

Security Industry Association

OCTOBER 28, 2024

All of this can become dangerous in a security context. Consider how bad actors with little or no programming knowledge could ask an AI chatbot to write a script that exploits a known vulnerability or provide a list of ways to hack specific applications or protocols. A human should always have the final say.

Security 52

Security Application Technology Cyber Resilience 52

Security Industry Association

MARCH 19, 2024

The potential is great, though challenges remain James Segil is the vice president of marketing and inside sales, video security and access control at Motorola Solutions. The physical and cybersecurity world is dynamic and fast-paced, with security experts constantly looking for ways to automate, optimize and enhance their security efforts.

Security 52

Security Cybersecurity Vulnerability Activation 52

Pure Storage

DECEMBER 18, 2023

7 Challenges with Applying AI to Data Security—and the Real Way to Solve Them by Pure Storage Blog As AI makes headlines and augments the way we work, there’s one area to be cautiously optimistic about: cybersecurity. There isn’t a silver bullet in security, but AI’s false sense of security can be risky. Can it lend a hand?

Security 132

Security Malware Disaster Recovery Cybersecurity 132

Solutions Review

JUNE 16, 2023

In this feature, SANS Institute Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage. When exploited, backup software vulnerabilities can also compound into giving attackers direct access to live system environments.

Backup 98

Backup Security Malware Vulnerability 98

Security Industry Association

SEPTEMBER 19, 2024

New Security Industry Association (SIA) member Secure Direction Consulting offers expert independent security consulting. After eight years in the Corporate setting, I was confident I truly (and finally) made the transition from law enforcement to security professional. The company is headquartered in Richmond, Virginia.

Consulting 59

Consulting Security Education Manufacturing 59

Synology

AUGUST 16, 2024

In 2021, cybersecurity firm Cyfirma uncovered a critical security flaw in a leading surveillance manufacturer’s software, potentially allowing unauthorized control of surveillance cameras. Despite a swift security patch, over 80,000 cameras remained at risk a year later.

Security 52

Security Manufacturing Vulnerability Cybersecurity 52

Security Industry Association

JUNE 16, 2023

Jim Richards is CEO of Total Security Solutions. These insights can be used to inform your physical security planning. Still, many workers and visitors experience daily anxiety that comes with feeling exposed, vulnerable or targeted. For example, many utilities offices have ballistic barrier systems in place.

Security 98

Security Vulnerability Activation Retail 98

Behavior Group

MAY 18, 2021

The data shows that risk-based vulnerability management (RBVM) programs allow companies to get measurably better results with less work. The post Risk-based vulnerability management has produced demonstrable results appeared first on Behaviour Portugal. Extrapolating from there, it’s possible to… Continue reading.

Vulnerability 52

Vulnerability Management Cybersecurity Security 52

Security Industry Association

JUNE 12, 2024

Keyser Santana, member of the SIA RISE Steering Committee As the remote work trend continues to grow, ensuring the physical security of remote workers has become a critical concern for organizations. While much attention is given to cybersecurity, physical security should not be overlooked.

Security 52

Security Audit Internet Travel 52

Pure Storage

OCTOBER 14, 2024

Cybersecurity Leadership: The Complete Guide to Building and Leading an Effective Security Team by Pure Storage Blog Summary Strong leadership in cybersecurity has never been more critical. With a solid team and a culture of security, leaders can reduce risk and protect their organizations from cyber threats.

Cybersecurity 52

Cybersecurity Security Vulnerability Evaluation 52

Security Industry Association

OCTOBER 5, 2023

October is Cybersecurity Awareness Month , and the Security Industry Association (SIA) Cybersecurity Advisory Board is marking the occasion with a series of helpful content, tips and guidance on key cybersecurity topics. Zero-day attacks : Zero-day attacks are attacks that exploit vulnerabilities in software that the vendor is not aware of.

Cybersecurity 64

Cybersecurity Security Malware Vulnerability 64

Pure Storage

AUGUST 28, 2024

Security Pros Share the Secret to Data Resilience by Blog Home Summary In a recent Tech Talk, experts from Presidio and Pure Storage discussed how enterprises can take advantage of their increasing amount of data while keeping it secure. Still, all companies are going to have to face the issue of scale. How to protect your data? “MFA

Resilience 83

Resilience Security Cyber Resilience Architecture 83

Acronis

AUGUST 22, 2024

You and your data will be particularly vulnerable when your kids go back to school. It’s important to know the risks and do all you can to keep your data safe.

Vulnerability 78

Vulnerability Security Cybersecurity 78

FS-ISAC

OCTOBER 31, 2024

The Need for Speed in Threat Mitigation There used to be weeks between the announcement of a zero-day vulnerability and the next exploit. Now we have days or hours to patch the vulnerability, says Carsten Fischer, Deputy Chief Security Officer at Deutsche Bank. When you exchange information you can enrich it.

Mitigation 64

Mitigation Vulnerability Banking Pandemic 64