Security News

Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
2024-02-06 06:58

A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver...

How CISOs navigate policies and access across enterprises
2024-02-06 06:00

How do security validations contribute to an organization's understanding of its security posture and risk profile? Third party security validation is a helpful tool, but typically is only part of the analysis required to understand the entire posture and effectiveness of a security program.

3 ways to achieve crypto agility in a post-quantum world
2024-02-06 05:30

In today's increasingly automated operational environment, crypto agility (i.e., an organization's ability to switch rapidly and seamlessly between certificate authorities, encryption standards and keys and certificates with minimal disruption to one's digital infrastructure) becomes essential to business. In 2020, Apple reduced the lifespan of certificates to a year, pushing others to match them, and in March 2023, Google announced a proposal to reduce TLS certificate validity to 90 days.

10 must-read cybersecurity books for 2024
2024-02-06 05:00

Our list of cybersecurity books has been curated to steer your professional growth in 2024. The book is packed with mental models, notes, and advice to help early-stage cybersecurity founders get their ideas off the ground and solve problems young companies face around problem discovery, hiring, building products, and fundraising.

U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance
2024-02-06 05:00

The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society...

Exploring NIST Cybersecurity Framework 2.0
2024-02-06 04:30

NIST CSF is based on existing standards, guidelines, and practices for organizations to manage and reduce cybersecurity risk better. It was designed to foster risk and cybersecurity management communications amongst internal and external organizational stakeholders.

Paying ransoms is becoming a cost of doing business for many
2024-02-06 04:00

Today's pervasive cyberattacks are forcing the majority of companies to pay ransoms and break their 'do not pay' policies, with data recovery deficiencies compounding the problem, according to Cohesity. All respondents said they need over 24 hours to recover data and restore business processes, and just 7% said their company could recover data and restore business processes within 1-3 days.

How to Use Enpass: A Step-by-Step Guide for Beginners
2024-02-06 00:42

In this article, we walk you through how to set up and use Enpass. For users looking at a password manager for their business, I suggest trying out the Enpass 14-day free trial for either the Starter or Standard Plan.

Google throws $1m at Rust Foundation to build C++ bridges
2024-02-05 22:58

Google on Monday donated $1 million to the Rust Foundation specifically to improve interoperability between the language and C++. C++, a popular general purpose programming language, has arguably fallen out of fashion due to concerns over safety. Lars Bergstrom, director of Android platform tools and libraries and chair of the Rust Foundation Board, announced the grant and said that the funding will "Improve the ability of Rust code to interoperate with existing legacy C++ codebases."

Enpass Review 2024: Pricing, Features, Pros, & Cons
2024-02-05 22:22

With Enpass Individual, you get security alerts for website breaches and the ability to identify accounts with two-factor authentication. Yes, Enpass is a safe password manager to use in 2024.