Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for What is SQL Injectio ...

 What is

Are you aware of the growing threat of SQL injection attacks and how they can jeopardize your website's security? As technology continues to evolve, so do cyber threats that target vulnerabilities in databases. In this increasingly digital world, it is crucial for businesses to prioritize safeguarding their online   show more ...

assets. Here SQL injection comes into play. In 2023, SQL Injection accounted for 23% of critical vulnerabilities discovered in web applications worldwide, making it the primary source of such vulnerabilities. If this term sounds unfamiliar or complex, fear not. In this blog post we will break down what is SQL injection and provide practical tips on how to prevent it from happening. Table of Contents What is SQL Injection in Cyber Security With Example? How SQL Injection Works Types of SQL Injection in Cyber Security How to Prevent SQL Injection How to Detect SQL Injection Vulnerabilities How and Why SQL Injection Attacks Are Executed How to Recover from an SQL Injection Attack Wrapping Up! Key Highlights FAQ's What is SQL Injection in Cyber Security With Example? SQL injection is a type of cyber attack that targets the security vulnerabilities in web applications and databases. It occurs when malicious SQL (Structured Query Language) code is inserted into input fields of a web form or URL, exploiting security flaws to manipulate the database and execute unauthorized commands. Example: Suppose there is a website with a search function that allows users to search for products by entering keywords. The website's URL might look like this: https://example.com/search?keyword=shoes Now, an attacker could manipulate the input field by entering a malicious SQL command such as: https://example.com/search?keyword=' OR '1'='1 In this example, the attacker inserts the SQL command ' OR '1'='1, which essentially tells the database to return all records because the condition '1'='1' always evaluates to true. As a result, the attacker gains unauthorized access to sensitive information stored in the database, such as user credentials, financial data, or other confidential information. How SQL Injec26tion Works? SQL injection is a type of cyber attack where malicious SQL (Structured Query Language) code is inserted into input fields of a web application to manipulate the application's database. Here's how it works: 1) Identifying Vulnerable Input Fields: Attackers first identify input fields within a web application that interact with the application's database. Common targets include login forms, search boxes, and URL parameters. 2) Crafting Malicious SQL Queries: Once a vulnerable input field is identified, attackers craft malicious SQL queries that exploit the input field's lack of proper input validation or sanitization. The goal is to inject SQL code that alters the intended behavior of the application's database queries. 3) Injecting Malicious Code: Attackers then inject the crafted SQL code into the input field. This can be done by typing directly into form fields, modifying URL parameters, or sending specially crafted HTTP requests to the application. 4) Executing the Attack: When the application processes the input, it dynamically constructs SQL queries based on the user-supplied data. If the input is not properly sanitized, the injected SQL code becomes part of the query and is executed by the database server. Depending on the nature of the injected SQL code, attackers can exploit the vulnerability in various ways: Data Extraction: Attackers can retrieve sensitive information from the database, such as usernames, passwords, or confidential records. Data Manipulation: Attackers can modify or delete existing data in the database, potentially causing data loss or corruption. Database Takeover: In severe cases, attackers may gain unauthorized access to the entire database server, allowing them to execute arbitrary commands and compromise the entire application. 5) Impact: SQL injection attacks can have severe consequences, including data breaches, financial losses, damage to reputation, and legal liabilities. They are considered one of the most prevalent and damaging security vulnerabilities in web applications. To prevent SQL injection attacks, developers should implement proper input validation and sanitization techniques, use parameterized queries or prepared statements, and employ web application firewalls and intrusion detection systems to detect and block malicious SQL injection attempts. Regular security assessments and code reviews are also essential to identify and remediate potential vulnerabilities in web applications. Types of SQL Injection in Cyber Security In cybersecurity, SQL injection attacks come in various forms, each targeting different vulnerabilities within web applications and databases. Here are the main types of SQL injection attacks: 1) Classic SQL Injection: Description: Classic SQL injection attacks occur when attackers insert malicious SQL code into input fields, such as login forms, search boxes, or URL parameters, with the intention of manipulating the database query. Example: Consider a login form that takes a username and password. An attacker could input something like ' OR '1'='1 into the username field, causing the SQL query to return true for all users and allowing the attacker to log in without a valid password. 2) Blind SQL Injection: Description: Blind SQL injection attacks don't provide direct feedback to the attacker. Instead, the attacker relies on observing differences in the application's responses to infer information about the database. Example: An attacker might input conditional statements like 1=1 or 1=2 into input fields and analyze the application's responses to determine whether the injected condition evaluates to true or false. 3) Error-based SQL Injection: Description: Error-based SQL injection exploits error messages generated by the database to extract information. By intentionally triggering errors, attackers can gain insights into the database structure or contents. Example: An attacker might input a query like 1/0 or ' into an input field to provoke an error message that reveals details about the database schema or data. 4) Union-based SQL Injection: Description: Union-based SQL injection involves injecting UNION operators into SQL queries to combine the results of multiple SELECT statements. This technique allows attackers to extract additional information from the database. Example: An attacker might inject a UNION SELECT statement into an input field to retrieve data from other tables in the database along with the legitimate query results. 5) Time-based SQL Injection: Description: Time-based SQL injection attacks involve inserting conditional SQL queries that cause delays in the server's response. By measuring the delay in responses, attackers can infer information about the database structure or contents. Example: An attacker might inject a conditional statement like WAITFOR DELAY '0:0:10' into an input field and observe whether the server takes longer to respond, indicating a successful injection. 6) Second-order SQL Injection: Description: Second-order SQL injection, also known as stored SQL injection, occurs when the malicious input is stored in the database and executed at a later time. This type of attack can be more difficult to detect and mitigate. Example: An attacker might input malicious code into a form field that gets stored in the database. When the stored data is later used in a SQL query, the injected code is executed, leading to a potential breach. 7) Out-of-band SQL Injection: Description: Out-of-band SQL injection attacks leverage alternative communication channels, such as DNS or HTTP requests, to extract data from the database. This approach is useful when traditional SQL injection techniques are blocked by security measures. Example: An attacker might inject a payload that triggers an out-of-band communication, such as a DNS lookup or HTTP request to a controlled server, allowing them to exfiltrate data from the database indirectly. How to Prevent SQL Injection? Preventing SQL injection attacks requires a combination of secure coding practices, input validation techniques, and robust security measures. Here are some effective strategies to prevent SQL injection: 1) Use Parameterized Queries or Prepared Statements: Instead of directly embedding user input into SQL queries, use parameterized queries or prepared statements provided by your programming language's database API. These methods separate SQL code from user input, preventing attackers from injecting malicious SQL commands. 2) Input Validation and Sanitization: Validate and sanitize all user-supplied input before using it in SQL queries. Implement strict validation rules to allow only expected characters and data types. Sanitize input by escaping special characters or using parameterized queries to ensure that user input cannot alter the structure of SQL queries. 3) Least Privilege Principle: Limit the privileges of database accounts and application users to reduce the potential impact of SQL injection attacks. Use the principle of least privilege to grant only the minimum permissions required for specific database operations. Avoid using privileged accounts for routine application tasks. 4) Use Stored Procedures: Utilize stored procedures or predefined database routines to encapsulate SQL logic and enforce access controls. Stored procedures can help prevent SQL injection by limiting the direct execution of dynamic SQL queries and providing a layer of abstraction between the application code and the database. 5) Implement Input Whitelisting: Define a whitelist of acceptable input values and reject any input that does not conform to the whitelist. Whitelisting ensures that only safe and expected input is processed by the application, reducing the risk of SQL injection attacks. 6) Secure Development Practices: Train developers on secure coding practices and incorporate security reviews and code audits into the software development lifecycle. Use static analysis tools and security scanners to identify and remediate potential vulnerabilities in code early in the development process. 7) Web Application Firewalls (WAFs): Deploy a web application firewall to monitor incoming HTTP requests and filter out malicious SQL injection attempts. WAFs can inspect request payloads, detect suspicious patterns indicative of SQL injection, and block or mitigate attacks in real-time. 8) Regular Security Audits and Penetration Testing: Conduct regular security audits and penetration testing to identify and remediate SQL injection vulnerabilities in web applications. Test the application's input validation mechanisms, parameterized queries, and error handling routines to ensure they are effective against SQL injection attacks. By implementing these preventive measures, organizations can significantly reduce the risk of SQL injection attacks and protect their web applications and databases from exploitation. How to Detect SQL Injection Vulnerabilities? Detecting SQL injection vulnerabilities can be done manually or with automated tools like Burp Scanner. Here's how you can manually detect SQL injection vulnerabilities: Test with Single Quote Character ('): Submit the single quote character ' to each entry point in the application and observe for any errors or anomalies in the response. Test with SQL Syntax: Use SQL-specific syntax that evaluates to the original value of the entry point and to a different value. Look for systematic differences in the application's responses to identify potential vulnerabilities. Test with Boolean Conditions: Submit boolean conditions like OR 1=1 and OR 1=2 to the entry points and analyze the application's responses for discrepancies. Test with Time Delay Payloads: Inject payloads designed to trigger time delays when executed within a SQL query. Monitor the time taken for the application to respond and identify any significant differences. Test with OAST Payloads: Use out-of-band (OAST) payloads designed to trigger network interactions when executed within a SQL query. Monitor any resulting interactions to detect potential vulnerabilities. Alternatively, you can opt for automated scanning tools like Burp Scanner, which can efficiently identify the majority of SQL injection vulnerabilities in your application. These tools conduct comprehensive scans and provide detailed reports on any detected vulnerabilities, helping you address them promptly. How and Why SQL Injection Attacks Are Executed? To initiate an SQL Injection attack, an assailant must first identify vulnerable user inputs within the web page or web application. When a web page or web application contains an SQL Injection vulnerability, it directly incorporates user input into an SQL query.   The attacker then crafts input content, often referred to as a malicious payload, which forms the core of the attack. Once the attacker transmits this content, the database executes malicious SQL commands. SQL, or Structured Query Language, serves as a query language designed to manage data stored in relational databases. It enables users to access, modify, and delete data, with many web applications and websites relying on SQL databases for data storage. In certain scenarios, SQL commands may also execute operating system commands, thereby magnifying the potential consequences of a successful SQL Injection attack. Perpetrators leverage SQL Injections to uncover the credentials of other users stored in the database, subsequently assuming their identities. In some instances, the impersonated user may hold the status of a database administrator, endowed with comprehensive database privileges. SQL facilitates the selection and retrieval of data from databases, rendering an SQL Injection vulnerability a gateway for attackers to obtain unrestricted access to all data within a database server. Furthermore, SQL permits the modification of database content, allowing attackers to manipulate financial data in a banking application, such as altering balances, nullifying transactions, or redirecting funds to their accounts. Moreover, SQL enables the deletion of records from databases, including the ability to drop entire tables. Even with database backups in place, data deletion can disrupt application availability until the database is restored, with recent data potentially remaining unrecoverable. In certain database server configurations, accessing the operating system via the database server is feasible, either intentionally or inadvertently. In such scenarios, an SQL Injection can serve as the initial attack vector, paving the way for subsequent attacks on internal networks shielded by firewalls. How to Recover from an SQL Injection Attack? Recovering deleted or compromised data resulting from an SQL attack involves various strategies, with data recovery playing a pivotal role in the incident response process for organizations facing compromised data or security systems. The incident response team (IRT) typically opts for one of two approaches: employing a log shipped database for data identification and correction, or resorting to a disaster recovery solution centered around data retrieval via backups. However, both methods have their limitations, necessitating the expertise of a skilled or certified incident responder to determine the most suitable course of action. Let's delve into the pros and cons of each approach: 1) Utilizing Data Correction Analysis This approach offers the advantage of swift and efficient data recovery if the exact time of data compromise is known and if a suitable technology or product is available to facilitate the restoration process. However, uncertainty regarding the precise timing of data infection can impede quick recovery efforts, potentially resulting in significant data loss. In such cases, prompt recovery from backups may become imperative, as data are often appended rather than relocated, inserted, or deleted. Thus, rectifying the malicious string becomes the primary objective. 2) Employing Backup/Restore or High Availability Options Tracing and rectifying malicious content in all text columns and tables scripts for the SQL server is straightforward, enabling a certified incident responder to identify and address the issue effectively. Through meticulous data correction analysis, the incident responder or IRT can easily pinpoint and rectify table values. However, a prerequisite for this approach is performing a database backup before implementing any modifications or alterations to preserve data integrity for forensic purposes. Therefore, adherence to recommended SQLi mitigation techniques is crucial to ensure an appropriate response. Wrapping Up! We have explored the dangerous realm of SQL injection and how it can wreak havoc on our databases and websites. We learned that SQL injection is the act of injecting malicious code into a database query, which can lead to data theft, website defacement, or even complete system compromise. However, we also learned that there are multiple steps we can take to prevent SQL injection attacks. From using parameterized queries and stored procedures to properly sanitizing user inputs and implementing strict permission controls, there are many strategies available to protect against SQL injection. It is crucial for developers and website owners to stay vigilant and regularly audit their systems for any vulnerabilities or suspicious activity. Additionally, educating ourselves and others about the dangers of SQL injection can also play a crucial role in preventing these attacks from occurring. As technology continues to advance at a rapid pace, it is more important than ever to stay proactive in securing our data and protecting our websites from potential threats like SQL injection. Key Highlights SQL injection is a cyber attack technique used to manipulate SQL queries via user input fields on web applications. Attackers exploit vulnerabilities in web applications to inject malicious SQL code, allowing them to access, modify, or delete data from the underlying database. SQL injection attacks can lead to data breaches, unauthorized access, data manipulation, and even complete server compromise. To prevent SQL injection, developers should use parameterized queries or prepared statements to sanitize user inputs. Input validation and proper error handling are essential to detect and mitigate SQL injection vulnerabilities. FAQ's 1) What is SQL injection? SQL injection is a type of cyber attack where malicious SQL code is inserted into input fields of a web application to manipulate the database backend. 2) How does SQL injection work? Attackers exploit vulnerabilities in web applications by injecting SQL commands through user input fields, allowing them to execute unauthorized SQL queries. 3) What are the risks of SQL injection? SQL injection can lead to unauthorized access to sensitive data, data manipulation or deletion, bypassing authentication, and even complete server compromise. 4) What are the consequences of a successful SQL injection attack? Consequences may include data breaches, financial losses, reputation damage, legal liabilities, and loss of customer trust. 5) Are there any tools available to detect and prevent SQL injection? Yes, there are various tools such as WAFs, vulnerability scanners, and code analysis tools that can help detect and prevent SQL injection vulnerabilities.

image for Cybersecurity Startu ...

 Cybersecurity News

Treacle, a cybersecurity startup founded in 2021 by Subhasis Mukhopadhyay, Subhajit Manna, and Partha Das, has raised about 40 million in its pre-Series A funding round. This milestone achievement underscores the company's rapid growth and recognition within the industry. Founded by three seasoned entrepreneurs,   show more ...

Treacle has been deliberate in its mission to develop cutting-edge cybersecurity solutions that safeguard businesses from the ever-evolving threat landscape. With this latest injection of capital, the company plans to expand its product offerings, enhance its research and development capabilities, and further solidify its presence in the market. The pre-seed funding round, which marks a significant milestone for the startup, is expected to propel Treacle's growth trajectory. The company's founders express belief that this influx of capital will enable them to further accelerate goals. The funding was led by prominent investors who have shown a keen interest in Treacle's approach to tackling modern digital threats. Treacle Offers Defensive Cyber Security Solutions Treacle serves both private and government sectors with solutions developed through rigorous research. Subhasis Mukhopadhyay stated, “Our mission centers on safeguarding network infrastructures through early detection, containment, and deception of threats. We're committed to delivering unparalleled value in the market, ensuring our clients have access to premium security solutions affordably. Our goal is to establish ourselves as a market leader and create a safer cyber world within the next five to six years. The standout product of Treacle is the AI-Based Proactive Defense System with in-built Deception. This service is designed to protect businesses even if their firewalls and defense layers have been breached. It works by tracking and analyzing attacker behavior in the early stages, then luring the attacker into a complex, containerized mirage network. This strategy not only keeps other systems safe but also allows the gathering of important data about the threat, which is used to provide early warnings to SOC analysts, helping to prevent an attack before it takes place. Treacle also offers a range of other services, including Customized Honeypot Solutions, Network and Host-Based Intrusion Detection Systems, Insider Threat Detection Systems, and OT Network Security Systems. Additionally, the company can conduct thorough Cyber Security Audits and help design effective security policies. Vikram Ramasubramanian, Partner at Inflection Point Ventures, highlighted Treacle's core strengths in AI-Based Deception Technology, a cornerstone of their Defensive Cyber Security solutions. The company plans to introduce new features and enhancements that will further strengthen its security offerings and provide even greater value to its clients. Company Growth and Achievements Since its inception, Treacle has achieved significant milestones. The firm secured grants such as the C3iHub Grant and the SISFS Grant, in 2021 and 2022, respectively. Additionally, Treacle represented India under DPIIT and participated in a sponsored delegation trip to Dubai in 2022. They also won a significant grant from the Department of Telecommunications, Government of India in DCIS 2023, and were named the Best Student Led Startup in the AWS Campus Fund Grand Challenge 2023. Treacle's journey began in June 2021, following the selection of its pioneering product idea for investment. The innovative approach towards developing a Deception Technology solution caught the attention of C3iHub, leading to the securement of early funding. The seeming dedication and hard work behind the team also resulted in securing the prestigious SISFS grant from the Government of India. Since July 2021, Treacle has been part of the esteemed IHub Programme, incubated at SIIC, IIT Kanpur, which has further strengthened their commitment to developing cybersecurity solutions that stand the test of time. The pre-seed funding round, which marks a significant milestone for the startup, is expected to propel Treacle's growth trajectory. The company's founders are confident that this influx of capital will enable them to accelerate their innovation pipeline, build a stronger team, and ultimately drive greater value for their customers. The startup's vision is to empower organizations with advanced cybersecurity solutions that provide real-time protection against emerging threats. With this vision in mind, Treacle is poised to make a significant impact in the cybersecurity landscape, and this latest funding round is a testament to the company's potential for growth and success. "Securing this funding allows us to accelerate our roadmap and bring our next-generation cybersecurity solutions to a wider audience," said Subhasis Mukhopadhyay, CEO of Treacle. "We are grateful for the support from our investors and are eager to continue our journey in making the digital world safer for everyone." Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

image for State Actor Made Thr ...

 Cybersecurity News

A state or state-sponsored actor orchestrated the "sophisticated" cyberattacks against the British Columbia government networks, revealed the head of B.C.’s public service on Friday. Shannon Salter, deputy minister to the premier, disclosed to the press that the threat actor made three separate attempts over   show more ...

the past month to breach government systems and that the government was aware of the breach, at the time, before finally making it public on May 8. Premier David Eby first announced that multiple cybersecurity incidents were observed on government networks on Wednesday, adding that the Canadian Centre for Cyber Security (CCCS) and other agencies were involved in the investigation. Salter in her Friday technical briefing refrained from confirming if the hack was related to last month’s security breach of Microsoft’s systems, which was attributed to Russian state-backed hackers and resulted in the disclosure of email correspondence between U.S. government agencies. However, she reiterated Eby's comments that there's no evidence suggesting sensitive personal information was compromised. British Columbia Cyberattacks' Timeline The B.C. government first detected a potential cyberattack on April 10. Government security experts initiated an investigation and confirmed the cyberattack on April 11. The incident was then reported to the Canadian Centre for Cyber Security, a federal agency, which engaged Microsoft’s Diagnostics and Recovery Toolset (DaRT) due to the sophistication of the attack, according to Salter. Premier David Eby was briefed about the cyberattack on April 17. On April 29, government cybersecurity experts discovered evidence of another hacking attempt by the same “threat actor,” Salter said. The same day, provincial employees were instructed to immediately change their passwords to 14 characters long. B.C.’s Office of the Chief Information Officer (OCIO) described it as part of the government's routine security updates. Considering the ongoing nature of the investigation, the OCIO did not confirm if the password reset was actually linked to the British Columbia  government cyberattack but said, "Our office has been in contact with government about these incidents, and that they have committed to keeping us informed as more information and analysis becomes available." Another cyberattack was identified on May 6, with Salter saying the same threat actor was responsible for all three incidents. The cyberattacks were not disclosed to the public until Wednesday late evening when people were busy watching an ice hockey game, prompting accusations from B.C. United MLAs that the government was attempting to conceal the attack. “How much sensitive personal information was compromised, and why did the premier wait eight days to issue a discreet statement during a Canucks game to disclose this very serious breach to British Columbians?”the Opposition MLA Todd Stone asked. Salter clarified that the cybersecurity centre advised against public disclosure to prevent other hackers from exploiting vulnerabilities in government networks. She revealed three separate cybersecurity incidents, all involving efforts by the hackers to conceal their activities. Following a briefing of the B.C. NDP cabinet on May 8, the cyber centre concurred that the public could be notified. Salter said that over 40 terabytes of data was being analyzed but she did not specify if the hackers targeted specific areas of government records such as health data, auto insurance or social services. The province stores the personal data of millions of British Columbians, including social insurance numbers, addresses and phone numbers. Public Safety Minister and Solicitor General Mike Farnworth told reporters Friday that no ransom demands were received, making the motivation behind the multiple cyberattacks unclear. Farnworth said that the CCCS believes a state-sponsored actor is behind the attack based on the sophistication of the attempted breaches. "Being able to do what we are seeing, and covering up their tracks, is the hallmarks of a state actor or a state-sponsored actor." - Farnworth Government sources told CTV News that various government ministries and agencies, and their respective websites, networks and servers, face approximately 1.5 billion “unauthorized access” or hacking attempts daily. The number has increased over the last few years and the reason why the province budgets millions of dollars per year to cybersecurity. Salter confirmed the government spends more than $25 million a year to fortify its defenses and added that previous investments in B.C.'s cybersecurity infrastructure helped detect the multiple attacks last month. Microsoft last month alerted several U.S. federal agencies that Russia-backed hackers might have pilfered emails sent by the company to those agencies, including sensitive information like usernames and passwords. However, Salter did not confirm if Russian-backed hackers are associated with the B.C. security breach. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

image for The Top 10 Cybersecu ...

 Features

The ever-evolving digital landscape presents a constant challenge for businesses and individuals alike: staying secure in the face of increasingly sophisticated cyber threats. With the exponential growth of data, online transactions, and interconnected devices, the need for robust cybersecurity solutions has become   show more ...

paramount. Over the last decade-and-a-half companies established themselves by pioneering firewalls and cloud-native innovators to redefine modern defense strategies. This article delves into the top 10 cybersecurity companies with a revenue exceeding $1 billion, offering a glimpse into the industry's leading players. Top 10 Cybersecurity Companies with Revenue over $1B Understanding the strengths and specializations of these leading cybersecurity companies empowers stakeholders to make informed decisions when selecting solutions to safeguard their valuable digital assets. 1) Palo Alto Networks Revenue: US $7.52 billion Founded: 2005 by Nir Zuk (former Check Point engineer) Headquarters: Santa Clara, California Key Products/Services: Advanced firewalls, cloud-based security solutions Palo Alto Networks gained significant traction in the cybersecurity industry in 2011 when Gartner listed them as an emerging leader in its Magic Quadrant for Network Firewalls. The following year, Palo Alto Networks debuted on the New York Stock Exchange, raising over $260 million through their initial public offering (IPO) – the fourth-largest tech IPO of that year. Nikesh Arora assumed the role of Chairman and CEO in 2018. The Palo Alto Networks platform offers advanced firewalls and cloud-based security solutions, extending protection across various security domains. Since its inception, the company claims to have thwarted over 8 billion cyberattacks. Analysts predict strong future growth for the 19-year-old company, projecting an 18% annual revenue increase over the next five years. 2) Fortinet Revenue: US $5.3 billion Founded: 2000 by Ken Xie and Michael Xie Headquarters: Sunnyvale, California Key Products/Services: Network security platform, firewalls, endpoint security Fortinet built a reputation for offering a rigorous testing platform for their network security solutions, including firewalls and endpoint security. The company went public in 2009 and is known for high customer satisfaction ratings in product capabilities, value, ease of use, and support. This focus has helped Fortinet gain traction in even small business markets. Analysts project a solid 14.6% annual growth rate for the next five years. 3) Leidos Revenue: US $3.98 billion Founded: 1969 Headquarters: Reston, Virginia Key Products/Services: IT security services, government contracting Leidos was formerly known as Science Applications International Corporation (SAIC). They are a leading provider of scientific, engineering, systems integration, and technical services. Following their merger with Lockheed Martin's Information Systems & Global Solutions in 2016, Leidos emerged as the defense industry's largest IT services provider. They maintain extensive partnerships with the Department of Defense, the Department of Homeland Security, the Intelligence Community, and various other U.S. government agencies, along with select commercial markets. 4) CrowdStrike Revenue: US $3.4 billion Founded: 2011 Headquarters: Sunnyvale, California Key Products/Services: Endpoint security platform, XDR, MDR, vulnerability management CrowdStrike have redefined modern security with their cloud-native platform designed to protect critical areas of enterprise risk, including endpoints, cloud workloads, identity, and data. The CrowdStrike Security Cloud leverages advanced AI, real-time indicators of attack, threat intelligence, and enriched telemetry to deliver highly accurate detections, automated protection and remediation, elite threat hunting, and prioritised observability of vulnerabilities. CrowdStrike's solutions extend beyond endpoint protection to include XDR (Extended Detection and Response), MDR (Managed Detection and Response), vulnerability management as a service (VMaaS), and cloud security posture management (CSPM). Analysts predict a strong future for CrowdStrike, with a projected 31.8% annual revenue growth rate over the next five years. They consistently receive high marks in both MITRE’s technical evaluations and MSSP (Managed Security Service Provider) assessments. 5) F5 Networks Revenue: US $2.81 billion (2023) Founded: 1996 Headquarters: Seattle, Washington, USA Key Products/Services: Application security, multi-cloud management, application delivery networking (ADN) solutions F5 Networks is a prominent player in application security and delivery. Offers solutions for security, performance, and availability of network applications and storage systems. Products include application security, DDoS protection, and the cloud-based Silverline platform. It focuses on automation, security, performance, and insight technology to optimize app and API security for a better customer experience. Recent partnership with Telefonica expands Web Application Defense services for multi-cloud environments. 6) Check Point Revenue: US $2.4 billion Founded: 1993 Headquarters: Tel Aviv, Israel, and San Carlos, California Key Products/Services: Firewalls, network security solutions A pioneer in firewalls with a 30-year history, Check Point offers a comprehensive security portfolio consistently ranking highly in independent tests (MITRE, etc.). Provides strong security and value through traditional solutions like firewalls, gateways, UTM (Unified Threat Management), DLP (Data Loss Prevention), and encryption. It continues to invest in its service portfolio and SaaS security solutions through acquisitions like Atmosec and Perimeter81. 7) Okta Revenue: US $2.3 billion Founded: 2009 Headquarters: San Francisco Key Products/Services: Identity and access management (IAM), zero-trust security solutions Okta is a leading provider of IAM and zero-trust solutions, known for user-friendly products and attracting security buyers. Analysts project a long-term growth rate of 25% despite some publicized security breaches. It continues to focus on user-friendly and secure access management solutions with potential for significant growth. 8) Zscaler Revenue: US $1.9 billion Founded: 2007 Headquarters: San Jose, California Key Products/Services: Cloud security platform, zero-trust security solutions Zscaler offers a cloud-native platform that transforms IT infrastructure from traditional castle-and-moat networks to distributed, zero-trust environments. Zscaler's security platform encompasses Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and the Zscaler Platform, delivering cloud security and edge security solutions. This cloud-focused approach is promising, with analysts forecasting a significant 38.2% growth rate for Zscaler over the next five years. 9) Trend Micro Revenue: US $1.3 billion Founded: 1988 Headquarters: Tokyo, Japan Key Products/Services: Cloud and enterprise cybersecurity solutions, antivirus, endpoint security Trend Micro, a leader in cloud and enterprise cybersecurity, offers a comprehensive security platform encompassing cloud security, XDR (Extended Detection and Response), and solutions for businesses, data centers, and cloud environments. Trend Micro's global reach extends to over 500,000 organisations and 250 million individuals protected by their platform. Customers praise Trend Micro for the high value and ease of use of their security tools, including antivirus, full disk encryption, cloud workload protection platforms (CWPP), and intrusion detection and prevention systems (IDPSs). With a strong foundation beyond just antivirus solutions, Trend Micro is poised for continued growth. 10) Proofpoint Revenue: US $1.1 billion (pre-acquisition) Founded: 2002 Headquarters: Sunnyvale, California Acquired by: Thoma Bravo in 2021 (Acquisition price: $12.3 billion) Key Products/Services: Email Security, Advanced Threat Protection, Security Awareness Training, Archiving and Compliance, Digital Risk Protection Headquartered in Sunnyvale, California, Proofpoint is a leading enterprise cybersecurity company that offers software-as-a-service (SaaS) products focusing on email security, identity threat defense, data loss prevention, and more. Acquired by private equity firm Thoma Bravo for $12.3 billion in 2021, the company provides comprehensive solutions against advanced cybersecurity threats, regulatory compliance issues, and brand-impostor fraud, also termed as "digital risk." Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

 Malware and Vulnerabilities

Researchers have developed a technique called "GhostStripe" that can exploit the camera-based computer vision systems of autonomous vehicles, causing them to fail to recognize road signs, making it very risky for Tesla and Baidu Apollo vehicles.

 Feed

The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall

 Cyber Security News

Source: www.darkreading.com – Author: Ericka Chickowski, Contributing Writer Source: designer491 via Alamy Stock Photo As the CISO role matures in enterprise settings and security executives level up their positions from technology managers into more well-rounded risk advisers and business leaders, career   show more ...

progressions are changing. The CISO job is no longer the final executive destination for […] La entrada CISO as a CTO: When and Why It Makes Sense – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CISA's

Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer At 2024’s RSA Conference this week, brand names like Microsoft, Amazon Web Service (AWS), International Business Machines (IBM), Fortinet, and more agreed to take steps toward meeting a set of seven objectives defined by the US’s   show more ...

premier cyber authority. The agreement is voluntary, not legally binding, anodyne, […] La entrada Is CISA’s Secure by Design Pledge Toothless? – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Karen Spiegelman, Features Editor Reality Defender co-founder and CEO Ben Colman (left) onstage with host Hugh ThompsonSource: RSA Conference For the second year in a row, an AI-based security startup took the prize for Most Innovative Startup at RSA Conference’s   show more ...

Innovation Sandbox competition. Last year, HiddenLayer started its presentation with a […] La entrada Reality Defender Wins RSAC Innovation Sandbox Competition – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Nathan Eddy, Contributing Writer Source: MBI via Alamy Stock Photo Healthcare provider Ascension, which operates 140 hospitals across 19 states, fell victim to a cyberattack that took down multiple essential systems including electronic health records (EHRs), the MyChart   show more ...

platform for patient communication, and certain medication and test-ordering systems. The organization disclosed […] La entrada Ascension Healthcare Suffers Major Cyberattack – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 confidential

Source: www.darkreading.com – Author: Dark Reading Staff Transcript of Dark Reading Confidential, Episode 1: The CISO and the SEC Becky Bracken, Senior Editor, Dark Reading: Hello everyone and welcome to Dark Reading Confidential. It’s a brand new podcast from the editors of Dark Reading where we are   show more ...

going to focus on bringing you real-world stories […] La entrada Dark Reading Confidential: The CISO and the SEC – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breached

Source: www.darkreading.com – Author: Jackson Shaw Jackson Shaw, Chief Security Officer, Clear Skye May 10, 2024 4 Min Read Source: Brain light via Alamy Stock Photo COMMENTARY Prevention: It’s the word we hear most when discussing cybersecurity. We read articles and hear experts speak about attack   show more ...

prevention or carelessness that leads to data compromises. In […] La entrada You’ve Been Breached: What Now? – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Kelly Jackson Higgins, Editor-in-Chief, Dark Reading Source: aleksandr Lychagin via Alamy Stock Photo At one of the first meetings Dark Reading held with its inaugural CISO Advisory Board last year, one of the questions a couple members of the board asked us was, “Why   show more ...

doesn’t Dark Reading have a podcast?” The […] La entrada Dark Reading ‘Drops’ Its First Podcast – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Kelly Jackson Higgins, Editor-in-Chief, Dark Reading Source: Alfonso Fabiio Iozzino via Alamy Stock Photo RSA CONFERENCE 2024 – San Francisco – Everyone’s talking about deepfakes, but the majority of AI-generated synthetic media circulating today will seem quaint   show more ...

in comparison to the sophistication and volume of what’s about to come. Kevin Mandia, […] La entrada Cybersecurity in a Race to Unmask a New Wave of AI-Borne Deepfakes – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Dark Reading Staff 1 Min Read Source: Poptika via Shutterstock The shift to cloud technologies and microservices means organizations are now managing more identities and credentials than ever. Attackers are also increasingly relying on stolen credentials to carry out their   show more ...

operations, making identity and access management (IAM) the cornerstone of enterprise […] La entrada Token Security Launches Machine-Centric IAM Platform – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: PRESS RELEASE SAN FRANCISCO, CA — May 7, 2024 — At the RSA Conference today, runZero announced the inaugural edition of the runZero Research Report, the first in a series of publications that explore the state of asset security across global enterprises. As a leading   show more ...

provider of Cyber Asset Attack Surface […] La entrada runZero Research Explores Unexpected Exposures in Enterprise Infrastructure – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 business

Source: www.theguardian.com – Author: Anna Isaac and Dan Sabbagh The IT company targeted in a Chinese hack that accessed the data of hundreds of thousands of Ministry of Defence staff failed to report the breach for months, the Guardian can reveal. The UK defence secretary, Grant Shapps, told MPs on Tuesday   show more ...

that Shared Services Connected […] La entrada MoD contractor hacked by China failed to report breach for months – Source: www.theguardian.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: Stevin By Stan Vitek, Resident Geopolitical Analyst, Cyfirma Introduction As Israel’s military campaign in Gaza continues, the United States as a political sponsor of Israel is contending with regional provocations by several members of the Iranian-aligned   show more ...

“axis of resistance.” These are inevitably gonna involve US forces, Israel and their allies. A […] La entrada Red Sea Crisis and the Risk of Cyber Fallout – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 AI

Source: www.techrepublic.com – Author: Fiona Jackson TechRepublic consolidated expert advice on how businesses can defend themselves against the most common cyberthreats, including zero-days, ransomware and deepfakes. Today, all businesses are at risk of cyberattack, and that risk is constantly growing. Digital   show more ...

transformations are resulting in more sensitive and valuable data being moved onto online systems […] La entrada How Can Businesses Defend Themselves Against Common Cyberthreats? – Source: www.techrepublic.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Team Register Interview China remains the biggest cyber threat to the US government, America’s critical infrastructure, and its private-sector networks, the nation’s intelligence community has assessed. This is probably not all that shocking to anyone paying   show more ...

attention to recent headlines warning of Beijing’s cyber-snoops burrowing into energy facilities, emergency responder networks, […] La entrada Iran most likely to launch destructive cyber-attack against US – ex-Air Force intel analyst – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Team Register More than half a million gamblers with a penchant for powerballs will be receiving some fairly unwelcome news very soon, if not already, as cybercriminals have made off with their personal data. That’s according to Ohio Lottery, which has this week   show more ...

finally revealed the scale of its Christmas Eve […] La entrada Cybercriminals hit jackpot as 500k+ Ohio Lottery lovers lose out on their personal data – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Team Register The US government wants to make Microsoft’s vice chair and president, Brad Smith, the latest tech figurehead to field questions from a House committee on its recent cybersecurity failings. The House Committee on Homeland Security has proposed the hearing   show more ...

take place later this month on May 22. It will […] La entrada Microsoft’s Brad Smith summoned by Homeland Security committee over ‘cascade’ of infosec failures – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 attack

Source: go.theregister.com – Author: Team Register Six boffins mostly hailing from Singapore-based universities say they can prove it’s possible to interfere with autonomous vehicles by exploiting the machines’ reliance on camera-based computer vision and cause them to not recognize road signs. The   show more ...

technique, dubbed GhostStripe [PDF] in a paper to be presented at the ACM […] La entrada GhostStripe attack haunts self-driving cars by making them ignore road signs – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Team Register RSAC A malware-laced USB stick, inserted into a military laptop at a base in Afghanistan in 2008, led to what has been called the worst military breach in US history, and to the creation of the US Cyber Command. The laptop was attached to the Department of   show more ...

Defense’s Central […] La entrada ‘Four horsemen of cyber’ look back on 2008 DoD IT breach that led to US Cyber Command – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Google fixes fifth actively exploited Chrome zero-day this year Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address   show more ...

a zero-day flaw, tracked as CVE-2024-467, in Chrome browser. The […] La entrada Google fixes fifth actively exploited Chrome zero-day this year – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

Source: securityaffairs.com – Author: Pierluigi Paganini Russia-linked APT28 targets government Polish institutions CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale   show more ...

malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked APT28 group. The attribution […] La entrada Russia-linked APT28 targets government Polish institutions – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Conference

Source: www.databreachtoday.com – Author: 1 Events , RSA Conference , RSA Conference Videos Panels Unpack the Buzz Around AI, Future Trends for CISOs Anna Delaney (annamadeline) • May 10, 2024     Mathew Schwartz, Tom Field, Anna Delaney, Rahul Neel Mani and Michael Novinson From the RSA Conference in San   show more ...

Francisco, five ISMG editors unpack […] La entrada ISMG Editors: RSA Conference 2024 Wrap-Up – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Card Not Present Fraud , Fraud Management & Cybercrime China-Linked Criminals Processed Orders Worth $50M: Security Research Labs Rashmi Ramesh (rashmiramesh_) • May 10, 2024     These aren’t real Adidas shoes. Neither are the shoes sold by a network of   show more ...

fraudulent online stories dubbed BogusBazaar. (Image: Shutterstock) Hackers linked […] La entrada Hackers Steal Credit Card Data of Deal-Seeking Shoppers – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Tim Grieveson Senior Vice President – Global Cyber Security Risk Advisor, Bitsight Tim Grieveson is Senior Vice President – Global Cyber Security Risk Advisor at Bitsight, helping organizations transform how they measure and manage their cybersecurity   show more ...

performance and risk based on years of experience as a CSO, CISO, CIO, and […] La entrada Live Webinar | Correcting your Cyber Security Posture with the Board: Data, Metrics and Lessons from 2023 – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Events , Governance & Risk Management , RSA Conference Sevco Security’s J.J. Guy on Aggregating and Prioritizing Vulnerabilities Mathew J. Schwartz (euroinfosec) • May 10, 2024     J.J. Guy, CEO, Sevco Security Security teams continue to grapple with   show more ...

maintaining a comprehensive and accurate inventory of their digital assets, vulnerabilities […] La entrada Solving the Fractured Data Problem in Exposure Management – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Cybercrime , Fraud Management & Cybercrime , Healthcare Wednesday Cyber Incident Shakes America’s Largest Healthcare System Marianne Kolbasuk McGee (HealthInfoSec) • May 10, 2024     Image: Ascension The Ascension healthcare system is sending away   show more ...

emergency patients and postponing nonemergency procedures as it digs out from a cyber incident that […] La entrada Ascension Diverts Emergency Patients, Postpones Care – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to   show more ...

impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The […] La entrada FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer Source: jamesteohart via Shutterstock Millions of IoT devices in sectors such as financial services, telecommunications, healthcare, and automotive are at risk of compromise from several vulnerabilities in a cellular modem technology the   show more ...

devices use to communicate with each other and with centralized servers. The vulnerabilities in Cinterion […] La entrada Millions of IoT Devices at Risk from Flaws in Integrated Cellular Modem – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CISOs

Source: www.darkreading.com – Author: Dark Reading Staff 1 Min Read Source: Lev Dolgachov via Alamy Stock Photo Roughly a third of CISOs are dissatisfied with their compensation, according to new data from IANS Research and Artico Search. The research — “The Compensation, Budget and Satisfaction   show more ...

Benchmark for Tech CISOs, 2023–2024” — was based on nearly […] La entrada CISOs Are Worried About Their Jobs & Dissatisfied With Their Incomes – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Could

Source: www.darkreading.com – Author: Elizabeth Montalbano, Contributing Writer Source: Anthony Spratt via Alamy Stock Photo Around 50,000 instances of an open source proxy server used for small networks are exposed to denial-of-service (DoS) attacks and even potentially remote code execution (RCE), via a flaw   show more ...

that can be exploited by an HTTP request. A use-after-free flaw […] La entrada Critical Bug Could Open 50K+ Tinyproxy Servers to DoS, RCE – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan ​Europol, the European Union’s law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents   show more ...

containing classified data. EPE is an online platform law enforcement experts use to “share […] La entrada Europol confirms web portal breach, says no operational data stolen – Source: www.bleepingcomputer.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Lawrence Abrams After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation. On   show more ...

February 19, Operation Cronos took down LockBit’s infrastructure and […] La entrada The Week in Ransomware – May 10th 2024 – Chipping away at LockBit – Source: www.bleepingcomputer.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.schneier.com – Author: Bruce Schneier HomeBlog Friday Squid Blogging: Squid Mating Strategies Some squids are “consorts,” others are “sneakers.” The species is healthiest when individuals have different strategies randomly. As usual, you can also use this squid post to talk about the   show more ...

security stories in the news that I haven’t covered. Read my blog […] La entrada Friday Squid Blogging: Squid Mating Strategies – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 academic papers

Source: www.schneier.com – Author: Bruce Schneier This is another attack that convinces the AI to ignore road signs: Due to the way CMOS cameras operate, rapidly changing light from fast flashing diodes can be used to vary the color. For example, the shade of red on a stop sign could look different on each line   show more ...

[…] La entrada New Attack Against Self-Driving Car AI – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Compliance

Source: securityboulevard.com – Author: Shikha Dhingra Do you recall the incidents involving Equifax, Target, and British Airways? Experiencing a data breach can significantly harm your business and reputation. According to research by the National Cyber Security Alliance, 60% of small businesses shut down   show more ...

within six months of a data breach. To mitigate the risk of […] La entrada How to Get PCI Compliance Certification? Steps to Obtain it – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber security

Source: securityboulevard.com – Author: Harman Singh Are your wireless networks truly safe from cyber threats? Wireless network penetration testing is critical to answer that question with confidence. Here’s what you will discover in this guide on wireless pen testing. The Importance of Wireless Penetration   show more ...

Testing Risks of Wireless Networks The Process of Wireless Penetration Testing […] La entrada What is Wireless Network Penetration Testing? [Explained] – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2024-05
Aggregator history
Saturday, May 11
WED
THU
FRI
SAT
SUN
MON
TUE
MayJuneJuly