Week of October 25th, 2024

Welcome to Your Cybersecurity Recap: a bite-sized weekly newsletter by cybersecurity enthusiasts, for cybersecurity enthusiasts.

Here are this week’s top takeaways:

Packetlabs at SecTor 2024

First founded in 1997, Black Hat is an internationally recognized cybersecurity event series providing the most technical and relevant information security research. Grown from a single annual conference to the most respected information security event series internationally, these multi-day events provide the security community with the latest cutting-edge research, developments, and trends.

That's why we were thrilled to participate in this year's SecTor. Now in its 18th year, SecTor 2024 takes place at the Metro Toronto Convention Centre (MTCC) in downtown Toronto, becoming a hub for thought leaders to connect about the future of cybersecurity.

At Packetlabs, we’re committed to the greater good—and that includes your right to security and privacy. Our exceptionally trained team aims to identify critical gaps that may have been missed in your last pentest and deliver 100% tester-driven assessments that exceed industry standards. Whether you're looking to test your network, web application, or cloud infrastructure, our ethical hackers are here to ensure your systems are truly secure.

At this year's SecTor, we shone a spotlight on the topic of cloud security.

Presented by one of our cloud security experts, Arman Aryanpour, this talk focused on how cloud-based infrastructure is essential for both modern and growing companies to provide reliable and scalable services. The risks and impacts associated with this unavoidable threat vector are often masked by cloud compliance checks and configuration audits.

In this talk, we explored examples of compliant cloud environments that are considered secure by audit metrics and configuration standards but, through an assumed-breach penetration test, are proven to be vulnerable, leading to devastating consequences.

Read more of our top event takeaways today.

CISA Flags Exploitation of Microsoft SharePoint Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities Catalog following evidence of its active exploitation.

CVE-2024-38094 affects Microsoft SharePoint and is categorized as a deserialization vulnerability. It was initially disclosed on July 9th, 2024, and has been assigned a maximum severity rating of “Important” by Microsoft, with a CVSS score of 7.2.

The weakness stems from the deserialization of untrusted data, classified under CWE-502.

Attackers can exploit such vulnerabilities to execute arbitrary code on affected systems, posing significant risks to organizations that rely on SharePoint for collaboration and data management.

CISA’s inclusion of this vulnerability in its catalog underscores its potential threat.

Money20/20: Are You Attending?

Money20/20 USA is touted as the world's "biggest, most influential gathering of the global money ecosystem including banks, payments, tech, startups, retail, fintech, financial services, and policy."

Next week, our team is looking forward to furthering conversations about what organizations like yours are doing to set cybersecurity-related goals and avoid becoming a part of the cyber crime statistics.

In 2024 and beyond, the professional forecast is that global cyber crime damage costs (including within the financial sector) will skyrocket by 15% year-over-year for the next three years, reaching a staggering $10.5 trillion USD annually as early as 2025.

This year's show theme is "Human X Machine", where thought leaders will discuss how, in our current ecosystem, no component of the financial industry will remain untouched by the collaboration between humans and machines, and how manual pentesting will remain a non-negotiable.

Visit us at booth 9405 to discuss with our team the actionable steps that can be taken to make 2025 your most secure year to date.

Recent Posts From Our Ethical Hackers

Every month, our ethical hackers work to provide free resources so that your team can continue improving your organization's security posture.

Here are just some of our recent posts:

Duvalier Miafo

IT Cybersecurity, Networking & Cloud: CEH | ISO/IEC 27001Lead Auditor | CYSA+, N+, A+| Google Cybersecurity | Ccna, CyberOps| Aws | O365, 365 Endpoint, Azure | ITIL4 | MPS-Managed Print Services:Hp, Canon, Sharp, Lexmark

1 month

Thanks for sharing
