Blogs

In a bid to prevent threat actors from compromising agency networks, the Cybersecurity and Infrastructure Security Agency (CISA) issued a new directive in Juneordering federal agencies to disconnect all networked management devices from theinternet. What is Binding Operational...

In December 2021 news of a critical vulnerability in the Apache Log4j software made the headlines. While it has now been more than one year since the initial alert, and despite patches being released, the vulnerability persists. The Log4j vulnerability The logging tool Log4j is...

2022 was a big year for high profile data breaches around the world - At the start of the year a breach at FlexBooker prevented 3.7 million from accessing their scheduling tool accounts. In February, a data leak at the world’s largest semiconductor chip company, Nvidia, took...

Every network security strategy aims to maintain a careful equilibrium between reactive response and recovery, and proactively preventing attacks and identifying vulnerabilities. The proactive approach has now come more into focus as organizations embrace cybersecurity...

Yesterday, the OpenSSL Project fully disclosed and provided a patch for CVE-2022-3602, which had initially been deemed Critical, due to it being believed to allow Remote Code Execution (RCE). At the time it was also believed to only affect version 3+ of the library, which would...