Security Boulevard

A recent discovery has exposed critical vulnerabilities in the Dovecot mail server, potentially allowing attackers to exploit the IMAP implementation and disrupt service. These vulnerabilities, identified as CVE-2024-23184 and CVE-2024-23185, can lead to denial-of-service (DoS) attacks by overwhelming the server with excessive address headers or very large headers. Dovecot is a popular open-source IMAP and […]

The post Debian Patches Two Dovecot Vulnerabilities appeared first on TuxCare.

The post Debian Patches Two Dovecot Vulnerabilities appeared first on Security Boulevard.

Linux kernel updates often include performance improvements and hardware compatibility. Regular kernel updates are crucial for patching vulnerabilities and protecting your system from cyberattacks. Live patching eliminates the need to reboot the system, avoiding service interruptions. Freshen up with something new and improved – if it’s as simple as applying a software update…. well, why […]

The post Bad Reasons to Update Your Linux Kernel appeared first on TuxCare.

The post Bad Reasons to Update Your Linux Kernel appeared first on Security Boulevard.

As per recent reports, a new macOS malware, dubbed the Cthulhu stealer, has been discovered by cybersecurity researchers. The information stealer is designed to target macOS hosts and is capable of harvesting a wide range of information. In this article, we’ll dive into the details of the Cthulhu stealer and uncover protective measures implemented against […]

The post Cthulhu Stealer: New macOS Malware Targets Apple Users’ Data appeared first on TuxCare.

The post Cthulhu Stealer: New macOS Malware Targets Apple Users’ Data appeared first on Security Boulevard.

A frequently asked question in cybersecurity is “What affects me?”. Companies want to know not only what is affecting other companies but what is specifically affecting similar companies in their industry and is therefore likely to affect them.

The post Research Identifies Prevalence of Brand Impersonation in Three-Year Cross-Industry Analysis appeared first on Security Boulevard.

Rubrik and Cisco have allied to improve cyber resiliency by integrating their respective data protection and extended detection and response (XDR) platforms.

The post Rubrik Allies to Cisco to Improve Cyber Resiliency appeared first on Security Boulevard.

Singapore, Singapore, 4th September 2024, CyberNewsWire

The post Blackwired Launches ThirdWatch℠, A Paradigm Shift in Cybersecurity appeared first on Security Boulevard.

Less than a month after we at Contrast Security announced Application Detection and Response, it is already a finalist for a major cybersecurity award. 

The post Award Finalist: Contrast Security Application Detection and Response appeared first on Security Boulevard.

Is Your Business Trusted? The Critical Importance of SOC 2 Readiness in Today’s Industry Is Your Business Trusted? The Critical Importance of SOC 2 Readiness in Today’s Industry In an era where data breaches and cyber threats are increasingly common, businesses are under immense pressure to ensure their security measures while staying compliant with regulations […]

The post Is Your Business Trusted? The Critical Importance of SOC 2 Readiness in Today’s Industry appeared first on Cyber security services provider, data privacy consultant | Secureflo.

The post Is Your Business Trusted? The Critical Importance of SOC 2 Readiness in Today’s Industry appeared first on Security Boulevard.

Airport security is a lot like cybersecurity. Each is a cumbersome process aimed at protecting valuable assets. Both involve detection and response. In both airport and cyber security, the approach is to find threats that have made it inside the exterior walls — e.g., detect threats via x-raying luggage at the airport or by uncovering zero-day vulnerabilities in application code in production. Then, respond by blocking the threat, be it by removing forbidden materials from luggage or blocking exploitation of a web application vulnerability bysurrounding dangerous functions with trust boundaries. 

The post Application Detection and Response: Understanding ADR’s Detection and Response Layers | Contrast Security appeared first on Security Boulevard.

Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the attack surface, such as extended detection and response (EDR or XDR), security information & event management (SIEM), and security orchestration, automation & response (SOAR); despite that, these tools often do [...]

The post API Attack Surface: How to secure it and why it matters appeared first on Wallarm.

The post API Attack Surface: How to secure it and why it matters appeared first on Security Boulevard.

City officials in Columbus, Ohio, filed a complaint against a cybersecurity expert who has been telling local media that the sensitive data stolen by the Rhysida group in a July ransomware attack poses a larger threat to residents and employees than the mayor and others have been saying.

The post Columbus Sues Expert, Fueling Debate About Ransomware Attack appeared first on Security Boulevard.

https://youtu.be/SG1Rd3SY40I Q: Welcome, Cecil. Thank you for joining us today. To start, could you share a bit about your journey...

The post Talking DSPM: Episode 2 – Cecil Pineda appeared first on Symmetry Systems.

The post Talking DSPM: Episode 2 – Cecil Pineda appeared first on Security Boulevard.

Authors/Presenters:Jana Hofmann, Azure Research, Microsoft; Emanuele Vannacci, Vrije Universiteit Amsterdam; Cédric Fournet, Boris Köpf, and Oleksii Oleksenko, Azure Research, Microsoft

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Speculation At Fault: Modeling And Testing Microarchitectural Leakage Of CPU Exceptions appeared first on Security Boulevard.

via the comic & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Sky Alarm’ appeared first on Security Boulevard.

What started off as a vision I had many years ago has hit a significant milestone. The Host Unknown Podcast has somehow managed to stumble its way to 200 episodes. It’s a feat that probably a testament to the sheer stubbornness of my co-hosts Thom Langford and Andrew Agnês – and a bit of external … Continue reading 200 Episodes of the Host Unknown Podcast →

The post 200 Episodes of the Host Unknown Podcast appeared first on Security Boulevard.

Multiple types of organizations around the world are currently facing heightened threats from Iran-aligned cyber actors. Researchers continue to report significant increases in Iran-aligned threat activity well after the start of the Israel-Hamas War in October 2023. In recent weeks alone, Iran-backed groups deployed new malware for long-term intelligence collection, compromised U.S. presidential campaign systems, and even collaborated to ransom entities in critical U.S. and foreign industries. 

Whether you are a defender who wants to quickly assess defenses against all current major threats or an analyst looking to pinpoint certain groups with relevant motivations or targeting patterns, this resource aims to help by highlighting numerous links to recent adversary, tool, & TTP intelligence from across the Tidal Cyber knowledge base. 

How to Operationalize This Intelligence: Tidal Cyber is specifically designed to operationalize adversary behavioral intelligence. The free Community Edition lets defenders easily pivot from or compareadversary TTPs to elements of their defensive stack (60-second tutorial). The Enterprise Editionplatform supercharges this workflow witheasy-to-maintain collections of relevant threats, fully featured Defensive Stacks, and continually updated Coverage Maps. 

The post Iran Cyber Threat Resource Center: How to Navigate Amid Geopolitical Conflicts and Tensions appeared first on Security Boulevard.

Authors/Presenters:Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, Yuval Yarom

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Ultimate SLH: Taking Speculative Load Hardening To The Next Level appeared first on Security Boulevard.

Authors/Presenters:Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, Yuval Yarom

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Ultimate SLH: Taking Speculative Load Hardening To The Next Level appeared first on Security Boulevard.

Recently in our webinar series with Amazon Web Services (AWS) and Fortify by OpenText™, our third installment, "The Power of SBOMs: Regulations Looming," brought the panel together to discuss the evolving role of software bills of materials (SBOMs) amidst tightening global regulations.

The post Navigating new regulations and the role of SBOMs in software security appeared first on Security Boulevard.

In a recent podcast interview with Cybercrime Magazine's host, David Braue, Scott Schober, Cyber Expert, Author of "Hacked Again," and CEO of Berkeley Varitronics Systems, discusses the July 2024 CrowdStrike outage, explaining what happened and more. 

The post Microsoft-CrowdStrike Outage Explained appeared first on Security Boulevard.