Atlassian Confluence vulnerability On August 25th, Atlassian released a statement warning about the critical remote code execution vulnerability (CVE-2021-26084). According to the company, the vulnerability affected the Confluence server and Confluence data center. What is the CVE-2021-26084 vulnerability?  The vulnerability involves an Object-Graph Navigation Language (OGNL) injection flaw on Atlassian’s Confluence server and data center […]

The APWG Phishing Activity Trends report for the first quarter of 2021 paints a grim picture. According to the report, the number of phishing websites peaked in January 2021, reaching record-setting highs of 245,771. While phishing-related scams dwindled later in the quarter, March saw well over 200,000 incidents, the 4th highest number ever reported by […]

The cybersecurity training market is “globally exceeds $1 billion in annual revenue” and is constantly growing at about 13 percent per year(KnowBe4). An employees’ actions can damage an organization’s security and lead to many large expenses due to information breaches. Employees (and their corresponding mistakes) are the single biggest security risk for organizations.  An average […]

Mobile carrier T-Mobile suffered a massive data breach recently, the 5th such occurrence in the last four years. Preliminary analysis revealed that the breach affected nearly eight million current postpaid customers and forty million former or prospective clients who had applied for credit with the company. The compromised data is as sensitive as it could […]

Back in 2011, a botnet managed to infect an estimated 1 million computers worldwide. Known as GameOver Zeus, the infamous malware was programmed to specifically steal banking credentials. It then used the captured banking information to initiate or re-direct wire transfers, managing to steal over $100 million from individual users, businesses and organizations. It took […]

Another day, another security acronym splashed across vendor marketing brochures. In present times, the most popular term you’ve probably come across is SASE, which is enjoyably pronounced like ‘sassy’. SASE stands for secure access service edge. While the term is everywhere at the moment, if you’re an MSSP looking to bolster your security offering to […]

Building a security program without knowing what you are securing is a fool’s folly. An inventory of assets is a necessary first step towards a comprehensive enterprise risk program. Assets can either be physical (such as laptops, server racks, offices) or digital (software, data, reports). Master Data Management (MDM) is the methodology to catalog data […]

  Chances are, you’ve heard of the Dark Web. Often likened to the digital underbelly of the world, it’s a place that’s full of nefarious deeds. Drug sales, illegal weapons, hacking tools and stolen data are all up for grabs in its online marketplaces.  However, it’s not easy to find. The Dark Web is invisible […]

Cyber insurance. You know you need it, but you’re overwhelmed by the types of coverage, the number of providers and the cost of insurance premiums. In fairness to you, your feelings of overwhelm are warranted. The cyber insurance market has exploded in the last few years. Spurred on by the increase in cyber crime, insurance […]

This year is shaping up to be a record setter in terms of data breaches. There were 491 incidents in the US in Q2 2021, an almost 40% increase over the same period last year. In fact, the number of data compromises recorded for the first half of 2021 already constitutes 76% of the total […]

In today’s digital world, a brand’s credibility is intrinsically linked to its ability to protect its data and IT infrastructure. This means that to maintain market share, keep customers satisfied and improve profits, choosing the right cybersecurity products is a must.  Deciding which cybersecurity solutions to use was once in the power of CIOs and […]