As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- CISA Releases Five Industrial Control Systems Advisories
September 6, 2022
CISA has released five Industrial Control Systems (ICS) advisories on September 06, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-249-01 Triangle Microworks Library ICSA-22-249-02 AVEVA Edge 2020 R2 SP12020 R2 ICSA-22-249-03 Cognex 3D-A1000 Dimensioning ...
- Holiday Inn-owner IHG hit by ‘unauthorised activity’ in tech systems
September 6, 2022
Holiday Inn owner IHG said on Tuesday that bookings on its websites and apps were facing disruptions after its technology systems were hit by “unauthorised activity”. IHG said it was assessing the nature, extent and impact of the incident and had implemented its response plans. The company, which has appointed external specialists to investigate the incident and ...
- CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain
September 2, 2022
CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), have published part one of a three-part joint publication series, Securing Software Supply Chain Series – Recommended Practices for Developers. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—focuses ...
- CISA releases two Industrial Control Systems Advisories
August 31, 2022
CISA has released two Industrial Control Systems (ICS) advisories on September 01, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSMA-22-244-01 Contec CMS8000 ICSA-22-244-01 Delta Electronics DOPSoft Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- CISA Releases 12 Industrial Control Systems Advisories
August 29, 2022
CISA has released 12 Industrial Control Systems (ICS) advisories on August 30, 2022. These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-242-01 Hitachi Energy FCP ICSA-22-242-02 Hitachi Energy GWS ICSA-22-242-03 Hitachi Energy MSM ICSA-22-242-04 Hitachi Energy RTU500 ...
- US ‘actively defending against foreign interference and influence’ in midterms, Cyber Command says
August 25, 2022
US military and intelligence officials are stepping up their efforts to defend the electoral process from foreign hacking and disinformation as the November midterms approach, officials said Thursday. Officials are “actively defending against foreign interference and influence operations in U.S. elections,” US Cyber Command and the National Security Agency said in a statement, “specifically by focusing ...

