2023 and Architecture - Cyber Security Informer

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

Joseph Steinberg

JANUARY 4, 2023

But, even those who have a decent grasp on the meaning of Zero Trust seem to frequently confuse the term with Zero Trust Network Architecture (ZTNA). Zero Trust Network Architecture is an architecture of systems, data, and workflow that implements a Zero Trust model. In short, Zero Trust is an approach.

Architecture

Architecture Artificial Intelligence Encryption Cybersecurity

Coffee with the Council Podcast: Scoping and Segmentation: Navigating Modern Network Architecture and PCI DSS v4.x

PCI perspectives

NOVEMBER 18, 2024

Recently, PCI SSC published a new information supplement called PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council.

Architecture

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

The experts used a diagnostic software to analyze the vehicle architecture, scan the Electronic Control Unit (ECU), identify its version, and test diagnostic functions. Kaspersky published research findings on the first-generation Mercedes-Benz User Experience (MBUX) infotainment system, specifically focusing on the Mercedes-Benz Head Unit.

Software

Software Architecture Media Engineering

New Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures

PCI perspectives

SEPTEMBER 9, 2024

The PCI Security Standards Council (PCI SSC) has published a new Information Supplement:  PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. This

Architecture

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

The Last Watchdog

JULY 7, 2023

Budapest, Hungary, July 07, 2023 — Silent Signal, a leading technology provider of state-of-the-art ethical hacking services and solutions, discovered and reported a vulnerability to IBM, that has been confirmed and identified under CVE-2023-30990. Affected product(s) and version(s) are IBM i 7.2, IBM i 7.3, and IBM i 7.5

Architecture

Architecture Hacking Media Government

GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023

Security Affairs

SEPTEMBER 11, 2023

Google rolled out emergency security updates to address a new Chrome zero-day (CVE-2023-4863) actively exploited in the wild. The vulnerability, tracked as CVE-2023-4863, is the fourth actively exploited zero-day fixed by Google in 2023. The flaw CVE-2023-4863 is a critical heap buffer overflow that resides in the WebP.

Architecture

Architecture Engineering Hacking Information Security

Architecture Matters When it Comes to SSE

CyberSecurity Insiders

MAY 17, 2023

by John Spiegel, Director of Strategy, Axis Security Gartner just released the 2023 version of their “Magic Quadrant” for Secure Service Edge or SSE. ” Or said another way, “architecture matters”. The post Architecture Matters When it Comes to SSE appeared first on Cybersecurity Insiders. Ask the critical questions.

Architecture

Architecture Engineering Marketing Internet

BSides Knoxville 2023 – Hudson Bush – Enterprise Security Architecture Isn’t Just For Enterprises Anymore

Security Boulevard

JULY 12, 2023

Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. Permalink The post BSides Knoxville 2023 – Hudson Bush – Enterprise Security Architecture Isn’t Just For Enterprises Anymore appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

million in 2023, with more than 750,000 of those positions in the U.S. In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures.

Cybersecurity

Cybersecurity CISO Engineering Architecture

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. More than a third (39%) used the microservice architecture. Server-Side Request Forgery (SSRF) The popularity of the cloud and microservice architectures is on the rise.

Passwords

Passwords Authentication Architecture Risk

Cybersecurity Predictions for 2023: My Reflections

Jane Frankland

NOVEMBER 20, 2023

My Predictions for Cybersecurity in 2023 were… Technology enables opportunities as fast as it introduces threats. Here are my predictions for 2023. Types of attacks. Sustainability. More companies will be focused on sustainability.

Cybersecurity

Cybersecurity Digital transformation Artificial Intelligence Architecture

New ransomware trends in 2023

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. Later, we encountered a version of BlackBasta that targeted ESXi environments, and the most recent version that we found supported the x64 architecture. In 2022, Kaspersky solutions detected over 74.2M

Ransomware

Ransomware Malware Architecture Telecommunications

The Appsec Landscape in 2023

Adam Shostack

JANUARY 2, 2025

External changes will be driving appsec in 2023. 2023 brings new challenges and new opportunities for software companies, and all companies are now software companies. Were also likely to see requirements for architecture diagrams. For example, the FDAs latest pre-market cyber draft includes: [Architecture views including].Detailed

Engineering

Engineering Software Architecture Manufacturing

PCI SSC Announces 2023 Special Interest Group Election Results

PCI perspectives

MARCH 15, 2023

Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Council has confirmed the winning SIG topic for 2023. The Council’s Participating Organizations voted to select “Scoping and Segmentation for Modern Network Architectures” as the focus for the year ahead.

Architecture

Bolster SaaS Security Posture Management with Zero Trust Architecture

Cisco Security

JUNE 13, 2024

According to AppOmni’s 2023 State of SaaS Security report, 79% of organizations reported a SaaS security incident during the preceding 12-month period. As enterprises incrementally store and process more sensitive data in SaaS applications, it is no surprise that the security of these applications has come into greater focus.

Architecture

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Carignan Nicole Carignan , Vice President of Strategic Cyber AI, Darktrace If 2023 was the year of generative AI and 2024 the year of AI agents, 2025 will spotlight multi-agent systems, or agent swarms. These systems promise innovation but also introduce risks.

Cyber threats

Cyber threats CISO IoT Phishing

What’s Next in Cybersecurity: Insights for 2023

CyberSecurity Insiders

JANUARY 6, 2023

Here are the five challenges that will alter the industry in 2023: Zero trust will replace perimeter security. In fact, Gartner reports that zero-trust network access will remain the fastest-growing segment in network security, with growth of 36 percent in 2022 and 31 percent anticipated in 2023.

Cybersecurity

Cybersecurity Manufacturing Education Technology

What your SOC will be facing in 2023

SecureList

JANUARY 23, 2023

The first part of this report is devoted to the most current threats any SOC is likely to face in 2023. They are closely intertwined with the threats looming over corporations in 2023, as only an effectively organized team can safeguard business against rapidly evolving malware and attack methods.

Government

Government Media Social Engineering Ransomware

2023 Cybersecurity Predictions from Marcus Fowler, Darktrace

CyberSecurity Insiders

DECEMBER 18, 2022

A look ahead to 2023 we can expect to see changes in MFA, continued Hactivism from non-state actors, CISOs lean in on more proactive security and crypto-jackers will get more savvy. In 2023, crypto-jackers will get more savvy and we might start to see the detrimental effects of what is usually considered inevitable or negligible.

Cybersecurity

Cybersecurity CISO Insurance Ransomware

Researcher Exposes Inductive Automation Ignition Vulnerabilities: CVE-2023-39475 & 39476

Penetration Testing

JANUARY 4, 2024

Built on a robust SQL Database-centric architecture, Ignition transformed the SCADA landscape with its cross-platform web-based deployment through... The post Researcher Exposes Inductive Automation Ignition Vulnerabilities: CVE-2023-39475 & 39476 appeared first on Penetration Testing.

Penetration Testing

Penetration Testing Architecture Software

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT

IoT DDOS Passwords Malware

NIST’s Post-Quantum Cryptography Standards

Schneier on Security

AUGUST 8, 2022

NIST was poised to make final algorithm selections in 2022, with a plan to have a draft standard available for public comment in 2023. It took a couple of decades to fully understand von Neumann computer architecture; expect the same learning curve with quantum computing. Cryptanalysis over the competition was brutal.

Encryption

Encryption Architecture Engineering Information Security

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

eSecurity Planet

OCTOBER 9, 2023

This vulnerability, identified as CVE-2023-42793 , can give unauthenticated attackers remote code execution (RCE) abilities without requiring user input by exploiting an authentication bypass flaw. The problem: Arm has issued a security alert on CVE-2023-4211 , an actively exploited vulnerability in its Mali GPU drivers.

Architecture

Architecture Ransomware Software Accountability

BSides Sofia 2023 Intro

Security Boulevard

JULY 14, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 Intro appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

3 primo cloud computing jobs in 2023

InfoWorld on Security

OCTOBER 28, 2022

Most enterprises now realize they must fix many architectural and implementation mistakes, as well as keep pace with the rapid growth of multicloud and more complex cloud computing systems. Both need to be mitigated with sound planning and good architecture. For many enterprises, the ROI for cloud computing is nowhere to be found.

Architecture

Architecture Marketing Risk

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

The Hacker News

FEBRUARY 9, 2024

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.

Architecture

Five Cybersecurity Trends that Will Affect Organizations in 2023

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. For more information, visit www.netwrix.com.

Cybersecurity

Cybersecurity Cybercrime Social Engineering Risk

BSides Leeds 2023 – Saskia Coplans – Outsourcing Development

Security Boulevard

AUGUST 5, 2023

Thanks are in order to BSides Leeds for publishing their presenter’s outstanding BSides Leeds 2023 security content on the organizations’ YouTube channel. Permalink The post BSides Leeds 2023 – Saskia Coplans – Outsourcing Development appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

The Hacker News

SEPTEMBER 11, 2023

Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR

Architecture

Architecture Engineering

BSides Sofia 2023 – Peter Kirkov, e-Government – Keynote

Security Boulevard

JULY 15, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Peter Kirkov, e-Government – Keynote appeared first on Security Boulevard.

Government

Government Architecture CISO Education

BSides Leeds 2023 – Charles Bain – Fawlty Towers

Security Boulevard

AUGUST 6, 2023

Thanks are in order to BSides Leeds for publishing their presenter’s outstanding BSides Leeds 2023 security content on the organizations’ YouTube channel. Permalink The post BSides Leeds 2023 – Charles Bain – Fawlty Towers appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Sofia 2023 – Evgeni Saber – Advanced Enterprise Vulnerability

Security Boulevard

JULY 17, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Evgeni Saber – Advanced Enterprise Vulnerability appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Leeds 2023 – Peter Jones – Practical Blue Teaming

Security Boulevard

JULY 27, 2023

Thanks are in order to BSides Leeds for publishing their presenter’s outstanding BSides Leeds 2023 security content on the organizations’ YouTube channel. Permalink The post BSides Leeds 2023 – Peter Jones – Practical Blue Teaming appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Leeds 2023 – Dan Cannon – Red Red Whine

Security Boulevard

AUGUST 3, 2023

Thanks are in order to BSides Leeds for publishing their presenter’s outstanding BSides Leeds 2023 security content on the organizations’ YouTube channel. Permalink The post BSides Leeds 2023 – Dan Cannon – Red Red Whine appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping

Security Boulevard

JULY 21, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Sofia 2023 – Radoslav Gerganov – Hyundai Head Unit Hacking

Security Boulevard

JULY 18, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Radoslav Gerganov – Hyundai Head Unit Hacking appeared first on Security Boulevard.

Hacking

Hacking Architecture CISO Education

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN

VPN Authentication Ransomware Antivirus

BSides Sofia 2023 – Vasil Velichkov – Hacking Attacks Against Government Institutions

Security Boulevard

JULY 16, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Vasil Velichkov – Hacking Attacks Against Government Institutions appeared first on Security Boulevard.

Government

Government Hacking Architecture CISO

Coverage Advisory for CVE-2023-34362 MOVEit Vulnerability

Security Boulevard

JUNE 9, 2023

On 31-May-2023, Progress Software disclosed a critical vulnerability CVE-2023-34362 in the MOVEit application. As of 7 June 2023, there were roughly 2,500 instances of MOVEit Transfer exposed to the public internet. It connects to the database and offers data exfil functionality based on a provided X-siLock-Step1 header.

Software

Software Internet Internet Malware

BSides Sofia 2023 – Daniela Shalev – Hunting Unsigned DLLs To Find APT

Security Boulevard

JULY 17, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Daniela Shalev – Hunting Unsigned DLLs To Find APT appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

MY TAKE: As network perimeters shift and ecosystems blend, the role of MSSPs solidifies

The Last Watchdog

JULY 19, 2023

I had the chance to discuss this with Shinichi Yokohama, NTT Global CISO and John Petrie, Counselor to the NTT Global CISO, at RSA Conference 2023. Traditionally most corporations have had a perimeter-based security architecture, but in the era of cloud and mobile, etcetera, the enterprise needs to have a North Star,” Yokohama says.

CISO

CISO Architecture Network Security Cloud Migration

The end of the i386 kernel and images

Kali Linux

OCTOBER 21, 2024

The i386 architecture has long been obsolete, and from this week, support for i386 in Kali Linux is going to shrink significantly: i386 kernel and images are going away. Some terminology first Let’s start with the terms used in Kali Linux to talk about CPU architectures. amd64 refers to the x86-64 architecture, ie.

Architecture

Architecture Software

Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More

eSecurity Planet

SEPTEMBER 25, 2023

18, 2023 GitLab tells community and enterprise users to update their instances Type of attack: Improper access control: Attackers can exploit GitLab’s scanning policies by acting as a legitimate user. The flaw ( CVE-2023-41179 ) carries a 7.2 Also read: Building a Ransomware Resilient Architecture Sept. severity rating.

Ransomware

Ransomware Antivirus Penetration Testing Telecommunications

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

Coffee with the Council Podcast: Scoping and Segmentation: Navigating Modern Network Architecture and PCI DSS v4.x

Trending Sources

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

Experts found multiple flaws in Mercedes-Benz infotainment system

New Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023

Architecture Matters When it Comes to SSE

BSides Knoxville 2023 – Hudson Bush – Enterprise Security Architecture Isn’t Just For Enterprises Anymore

On the Cybersecurity Jobs Shortage

Top 10 web application vulnerabilities in 2021–2023

Cybersecurity Predictions for 2023: My Reflections

New ransomware trends in 2023

The Appsec Landscape in 2023

PCI SSC Announces 2023 Special Interest Group Election Results

Bolster SaaS Security Posture Management with Zero Trust Architecture

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

What’s Next in Cybersecurity: Insights for 2023

What your SOC will be facing in 2023

2023 Cybersecurity Predictions from Marcus Fowler, Darktrace

Researcher Exposes Inductive Automation Ignition Vulnerabilities: CVE-2023-39475 & 39476

Overview of IoT threats in 2023

NIST’s Post-Quantum Cryptography Standards

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

BSides Sofia 2023 Intro

3 primo cloud computing jobs in 2023

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

Five Cybersecurity Trends that Will Affect Organizations in 2023

BSides Leeds 2023 – Saskia Coplans – Outsourcing Development

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

BSides Sofia 2023 – Peter Kirkov, e-Government – Keynote

BSides Leeds 2023 – Charles Bain – Fawlty Towers

BSides Sofia 2023 – Evgeni Saber – Advanced Enterprise Vulnerability

BSides Leeds 2023 – Peter Jones – Practical Blue Teaming

BSides Leeds 2023 – Dan Cannon – Red Red Whine

BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping

BSides Sofia 2023 – Radoslav Gerganov – Hyundai Head Unit Hacking

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

BSides Sofia 2023 – Vasil Velichkov – Hacking Attacks Against Government Institutions

Coverage Advisory for CVE-2023-34362 MOVEit Vulnerability

BSides Sofia 2023 – Daniela Shalev – Hunting Unsigned DLLs To Find APT

MY TAKE: As network perimeters shift and ecosystems blend, the role of MSSPs solidifies

The end of the i386 kernel and images

Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More

Stay Connected