Every internet-facing system in your network must undergo a risk assessment and, if necessary, be secured by avoiding default ports and applying stringent restrictions.

In the digital world, it’s rare to see a crime of passion. Most cyberattacks fall into the crimes of opportunity category, taking advantage of a situation that presents itself unexpectedly. They are usually launched by individuals or groups using readily available automated tools to target and exploit known vulnerabilities. Often referred to as “script kiddies,”…

Whether you are playing a friendly game of chess, planning a flanking attack for a modernized military force, or protecting your business against malicious threat actors, one thing is for certain: it is advantageous to be able to anticipate your adversary’s next move. A chess master, for example, memorizes famous moves to improve strategy and…

23andMe is a personal genomics and biotechnology company based in Sunnyvale, California, and is known for its direct-to-consumer genetic testing kits. According to a blog post posted on its website on October 6, 2023, the company acknowledged falling victim to a credential-stuffing attack on its website. This cyberattack involved using stolen login credentials to enable…

After nearly a decade of relatively stable numbers, there was a dramatic spike in newly discovered common vulnerabilities and exposures (CVEs), going from just under 6,500 in 2016 to over 14,700 in 2017. Since then, the number has only grown exponentially. HackerOne’s ethical hackers identified a whopping 65,000 vulnerabilities last year. According to those hackers, the rapid pace…

The Dodd-Frank Wall Street Reform and Consumer Protection Act enacted in 2010 required the U.S. Federal Reserve to conduct annual stress tests for banks with a minimum amount of assets. C-suite leadership of these banks take these stress audits very seriously and devote ample resources and efforts to prepare for these reviews. This includes their…