CVE-2024-40766 is a critical (CVSS v3 score: 9.3) access control flaw affecting SonicWall firewall devices that attackers are actively exploiting to deliver ransomware. CyCognito discovery and testing engines detect all assets running SonicWall SonicOS products and leverage multiple tests to services of the vulnerable product and versions. All customers have access to an in-platform emerging security issue announcement as of September 10th, 2024.
CyCognito’s new certified integration with ServiceNow’s Configuration Management Database (CMDB) enhances asset visibility and streamlines management to bolster cybersecurity defenses. By synchronizing CyCognito assets with ServiceNow Configuration Items (CIs), the integration ensures that the CMDB remains current, enabling quicker assessment and response to potential threats. This integration is particularly valuable for organizations aiming to standardize asset management and security operations on the ServiceNow platform.
I recently sat down with Daniel Schlegel, the Global Chief Information Officer (CIO), Chief Security Officer, and Chief Privacy Officer of Berlitz Corporation, a global leader in language training and cultural education, to hear about their transformative experience using CyCognito to gain global external attack surface visibility, reduce costs, and enhance their security posture.
Die Frist für NIS 2 endet im Oktober 2024: Auch wenn es in vielen Mitgliedsstaaten noch länger dauert, bis diese Direktive in lokale Gesetze gegossen sein wird, beginnen doch schon viele betroffene Unternehmen mit der Planung bzw. Umsetzung der für sie passenden Maßnahmen. CyCognitos umfassende External Attack Surface Risk Management Plattform kann die Umsetzung wichtiger Bestandteile der NIS 2 Richtlinie beschleunigen.. Dieser Blog ist eine passende Lektüre für alle, die sich mit dem Verständnis der NIS 2-Anforderungen und der Suche nach dem schnellsten Weg zur Erfüllung dieser Anforderungen beschäftigen.
This blog post discusses a recent software supply chain attack that targeted the popular JavaScript service, Polyfill.io. The attack highlights the importance of software supply chain security and provides how CyCognito can help identify third-party libraries to mitigate exposed vulnerabilities.
I recently sat down with Daniel Maier-Johnson, the Chief Information Security Officer (CISO), and Markus Diehm, Cybersecurity Analyst, with Asklepios Kliniken GmbH, Germany’s second-largest private healthcare provider, to hear about their experience using CyCognito to gain continuous monitoring, prioritize cyber risks, and safeguard patient information.
A survey of cybersecurity professionals in the U.S. and U.K. reveals challenges in web application security testing. Key findings include extensive attack surfaces due to numerous in-house and third-party applications, frequent security incidents, concerns about the effectiveness of existing tools, and inadequate testing coverage. Additionally, over half of respondents struggle to remediate discovered vulnerabilities. These findings highlight the need for improved web application security testing strategies.
CyCognito shares insights showing how security teams can learn from previous incidents and leverage exposure management techniques to stay ahead of attackers.
