Security News

A new guide from XDR and SSPM provider Cynet, titled The Guide for Reducing SaaS Applications Risk for Lean IT Security Teams, breaks down exactly why SaaS ecosystems are so risky, and how security teams can mitigate those dangers. The risk of a digital disaster is impossible to ignore - especially given the security paradigms that govern most SaaS applications.

The first 90 days for a new CISO are crucial in setting up their security team, so there is little time to waste, and much to accomplish. A new guide by XDR provider Cynet looks to give new and veteran CISOs a durable foundation to build a successful security organization.

Security teams spend most of their time preparing their organizations' defenses and doing operational work. Security teams with copious resources can quickly shift between these two modes.

MITRE ATT&CK has become the go-to framework in understanding and visualizing cyber threats and risk. Tips on how to use it as part of your cyber skills strategy.

'Mega breaches' might sound dystopian, but they're becoming an all too familiar feature of the modern cyber crisis. Organizations are still relying on traditional techniques to prepare and exercise their workforces' cyber crisis response.

A security flaw in Amazon's Kindle e-reader made it vulnerable to malicious eBooks, opening the door to turning the devices into bots, compromising personal information and more. Check Point disclosed the bug to Amazon in February, and it was fixed in April; Amazon released patched firmware to be automatically installed on every Kindle connected to the internet.

Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been potentially exploited to take full control over a user's device, resulting in the theft of sensitive information by just deploying a malicious e-book. "By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on the device, from Amazon account credentials to billing information," Yaniv Balmas, head of cyber research at Check Point, said in an emailed statement.

Today's cybersecurity landscape is enough to make any security team concerned. If the most elite security teams can't prevent these attacks from happening, what can lean security teams look forward to?

Active Directory is central for many companies and used to authorize access at almost every level. Due to its popularity and importance, AD is a perfect target for 'bad actors.

A new eBook from XDR provider Cynet offers insights into factors that are clear signs organizations need to upgrade their detection and response tools to stay with the times. The eBook highlights several factors and questions that companies can ask themselves to determine whether they are okay with the level of security they have, or if they should upgrade their detection and response capabilities.