May 2020

alienvault

Explain how a Virtual Private Network (VPN) works

Global health events in 2020 have accelerated a trend. Office workers are working from home more frequently. This is great for many reasons. Companies can save money on office space. People are often more productive in the environment they’re most comfortable in, their homes. Rush hour can be mitigated with fewer cars on the road.

Use Open Source freely without compromising on security or agility

WhiteSource provides a powerful yet simple solution for companies that need to secure and manage their open source components in their applications. As the only enterprise-grade solution that is focused exclusively on open source management, WhiteSource is trusted by 25 of the Fortune 100 companies.

logsign

Automated Incident Response with SOAR

Cybersecurity incidents are the norm of the day. No organization has impunity. When a cybersecurity incident occurs, incident responders have to immediately respond to contain the incident and mitigate the damage. To this end, they have to execute the Incident Response Processes (IRP). Doing it manually is expensive and time-consuming and also less effective if your organization is facing too many incidents on a weekly or monthly basis.

Open Core vs Proprietary SaaS (which to bet your startup's life on?)

Gravitational COO, Taylor Wakefield, presents at the 2019 Open Core Summit, comparing Commercial Open Source Software ("COSS" aka, Open Core Software) to Proprietary SaaS. This presentation discusses why SaaS emerged, why COSS is now emerging and looks at the S-1 data of recently IPO'd companies in each cohort to validate the assumed benefits of each model.

Featured Post

The Importance Of Cloud-based Security For Businesses

Cloud computing is the transmission of information technology services through the internet. Cloud computing is classified as public, private, or hybrid. These services are now popular with many businesses and governments, hence the need for security measures to ensure data safety and applications in the cloud. Cloud-based security involves the technology and series of procedures implemented to protect cloud computing environments from cybersecurity threats. This form of protection is necessary for small businesses, medium-sized corporations, and large organizations. Here are some of the crucial benefits of cloud-based security.

siemplify

What is Vulnerability Management?

IT infrastructure is more complex and interconnected than ever. For attackers, this provides a gold mine for easy attack vectors. In fact, approximately 60% of breaches involve unpatched software. This means that a majority of attacks were actually avoidable had the proper oversight and maintenance been in place. With an established vulnerability management process, IT organizations can greatly reduce their threat of attack and minimize the need for manual analysis or maintenance.

reciprocity

5 Strategies to Mitigate Business Risk During Coronavirus

Business risk in the United States may be higher during the novel coronavirus pandemic than at any time in our generation, making risk management a must. What are your strategies for risk mitigation—not only in your enterprise but up and down your supply chain—amidst COVID-19 disease outbreaks? Business interruption is a growing concern right now.

netskope

Setting the Stage for Cloud Security in the Federal Market

The world of cloud security is known for moving fast, turning on a dime, and evolving with ever-growing threat vectors. The Federal sector, on the other hand, has highly regulated, rigorous standards when it comes to their security, and for very good reason. The data they’re protecting is about as sensitive as it gets, and any exposure is literally a matter of national security.

upguard

SIEM vs. IDS: What is the Difference?

The main difference between a security information and event management (SIEM) solution and an intrusion detection system (IDS) is that SIEM tools allow users to take preventive actions against cyberattacks while IDS only detects and reports events. Security information and event management (SIEM) is an approach to cybersecurity combining: Note: the acronym SIEM is pronounced "sim" with a silent e.

detectify

Hiding in plain sight: HTTP request smuggling

HTTP request smuggling is increasingly exploited by hackers in the wild and in bug bounty programs. This post will explain the HTTP request smuggling attack with remediation tips. HTTP request smuggling is an attack technique that abuses how two HTTP devices send requests between each other (typically a front-end proxy or an HTTP-enabled firewall and a backend server) or chaining multiple servers together with different configurations.

sqreen

7 best practices for microservices security

Microservices have refashioned the way modern apps are developed. Previously, monolithic architecture was used for app development. A monolithic app is made from a single unit with three parts: a database, a client-side UI that runs on the user’s system or browser, and a server-side app. But in microservices, an app consists of multiple units. Each of these units runs alone and connects via APIs.

alienvault

How malware mimics the spread of COVID-19

It’s a weird time to be alive. Millions of people globally are living under government lockdowns, as we collectively endure the COVID-19 pandemic. COVID-19 has brought to light some fundamental truths about humanity, including our deep-seated need for social interactions. It has also highlighted how reliant we are on critical infrastructure like our healthcare systems and internet connections, both of which are currently strained.

tripwire

The MITRE ATT&CK Framework: Exfiltration

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating data from the enterprise.

tripwire

Business Continuity Requires Infrastructure Continuity in Times of Remote Working

Over the last few weeks, most organisations have had to transition to enable their employees to work remotely. The key focus has been on business continuity during this trying time. Unfortunately, business continuity isn’t so easy. Keeping the day-to-day operations of the business running has been one of the hardest IT challenges that most organisations have faced in the last decade. It’s one for which many organisations might not have had a plan in place.

Security for Work from Home Tools with Live Q&A Sponsored by Optiv

As more and more professionals connect to your organization’s networks via VPN and conduct their work with tools like Zoom, Teams and WebEx, it’s critical that your cybersecurity processes expand to include these changes. Make sure you and your teams are up to speed with best practices for work-from-home tools and common mistakes you’ll want to avoid. You can find a special question and answer sponsored by Optiv at the end of the video.

siemplify

How Security Teams Are Automating, According to a New SANS Survey

Automation did not enter popular lexicon until the 1940s, when Henry Ford introduced an official “automation department” at his Michigan car plant. But the concept dates back many years before that, most notably to the industrial revolution, where automation acting as a driver for improved productivity and time management planted its roots.

synopsys

6 mistakes to avoid when choosing a managed services provider

Applications support some of the most strategic business processes and access an organization’s most sensitive data. However, application security continues to receive less budget and attention than network security. Thanks to the high-profile data breaches of the past few years, we can’t blame lack of awareness for the lack of investment. Security experts and business leaders alike are now painfully aware that hackers are targeting applications as an entry point.

Veracode Corporate Video

Veracode is a SaaS-based application security (AppSec) company founded in 2006 by a group of skilled computer hackers. The hackers, including Chris Wysopal, realized that software was very vulnerable to cyberattacks. Over the years, Veracode has established industry-leading technology that helps developers and security professionals find and fix vulnerabilities in their software. Together with Veracode, customers can confidently secure their code.

Veracode Full Solution

Veracode helps software companies write secure code on time. Veracode is a SaaS-based, or cloud-based, application security (AppSec) solution. It empowers developers to write secure code with real-time feedback in the software development lifecycle (SDLC) and provides security professionals with the tools and analytics to scale their programs and report on key metrics. Veracode’s solution comprises multiple scan types including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), interactive analysis (IAST), and penetration testing.

Veracode Static Analysis Solution

Veracode, a SaaS-based application security (AppSec) provider, offers multiple scan types including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), interactive analysis (IAST), and penetration testing. Veracode’s Static Analysis solution builds security into each phase of the software development lifecycle (SDLC) with an IDE Scan, Pipeline Scan, and Policy Scan. The scans provide fast, automated feedback to help developers secure code and remediate vulnerabilities. Teams can incorporate Veracode into their tooling with more than 30 out-of-the-box integrations, plus application programming interfaces (APIs), and code samples.

Veracode Software Composition Analysis Solution

Veracode, a SaaS-based application security (AppSec) provider, offers multiple scan types including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), interactive analysis (IAST), and penetration testing. Veracode Software Composition Analysis enables developers to take advantage of open source libraries without increasing the risk of a cyberattack. Veracode uses data mining, natural language processing, and machine learning to grow its SCA database.

Veracode Dynamic Analysis Solution

Veracode, a SaaS-based application security (AppSec) provider, offers multiple scan types including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), interactive analysis (IAST), and penetration testing. Veracode Dynamic Analysis helps organizations reduce the risk of a breach across their web applications. Our dynamic scans have a low false-positive rate, integrate with build systems like Jenkins, can be triggered through application programming interfaces (APIs), and combine findings with remediation tips.

WhiteSource

Forrester's State of Application Security, 2020: Key Takeaways

In The State of Application Security, 2020, Forrester predicts application vulnerabilities will continue to be the most common external attack method. Because of this, organizations are urged to continue testing early in the software development life cycle (SDLC), implementing auto-remediation for security vulnerabilities, and shoring up production protections.

nnt

What is Configuration Drift and How Can You Prevent it?

Configuration drift occurs when unrecorded or unplanned changes are made to a system, application or network. As a system drifts over time, away from the original intended state, the severity of the matter increases. Any user’s actions, however big or small, that result in a given configuration deviating away from one that is considered necessary or secure can have potentially severe consequences and detrimental effects on an organization.

teleport

Why Blockchain Needs Kubernetes

In under five years' time, Kubernetes has become the default method for deploying and managing cloud applications, a remarkably fast adoption rate for any enterprise technology. Amongst other things, Kubernetes’s power lies in its ability to map compute resources to the needs of services in the current infrastructure paradigm. But how does this tool work when faced with the new infrastructure layer that is blockchain? Can the two technologies be used in conjunction?

egnyte

3 Ways To Easily Integrate Egnyte Content into Microsoft Teams

Now that we’ve also extended our integration to allow organizations to further use Egnyte as a default cloud storage option, users get the benefit of the Egnyte content platform with Microsoft’s productivity and collaboration tool. Egnyte capabilities through Collaboration Tab and Messaging Extension is another critical way we enhance how organizations use Microsoft Teams.

Sponsored Post
alienvault

Stories from the SOC - System compromise with lateral movement

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Malicious network traffic from foreign IPs was observed trying to establish communication to a compromised internal system.

tripwire

Protecting Fleet Data from Security Threats

Big data is revolutionizing fleet management — specifically in the form of telematics. From engine diagnostics that track fuel efficiency and mileage to sensors that detect aggressive driving behavior and interior vehicle activity, this information is so valuable that we’re quickly approaching the point where connected technology will come standard in every vehicle. Telematics is an operational goldmine.

reciprocity

Cybersecurity Hygiene Best Practices During COVID-19 and Beyond

As cybercriminals continue to use the novel coronavirus pandemic to launch cybercrime scams and cyber attacks on teleworking applications, virtual private networks (VPN), and other technologies associated with remote work, many organizations find themselves in crisis mode, as well. Your enterprise may be scrambling daily to protect your sensitive data, reduce the likelihood of data breach, and guard against malware and ransomware attacks as well as other cyber threats.

tripwire

How to Protect the Future of IT

Working remotely, either from home or from elsewhere, isn’t something new. It has been used by many companies worldwide over the past decade. That said, it was typically restricted to only a couple days a month or to specific IT-savvy departments. But as we have seen throughout time, adversity and crisis lead to change and sometimes revolutions in industry, social systems, countries and/or sometimes the entire world. COVID-19 has brought about this level of change.

tripwire

Climbing the Vulnerability Management Mountain: Reaching the Summit (VM Maturity Level 5)

Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without a serious commitment to fund and staff the program appropriately across the organization. Reaching ML:5 means tying the program to the business. Everyone must be aligned with the metrics and be ready to find the root cause of any misses so that mitigations can be implemented to alleviate this miss in the future.

tripwire

Observing a Privacy Milestone: Expert Thoughts on GDPR's 2nd Anniversary

May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions. What benefits have those organizations experienced in achieving compliance, for instance? Have they encountered any drawbacks along the way?

redscan

Security advisory: The risk of returning workers opening the door to dormant attackers

During the COVID-19 pandemic, more employees have been working from home than ever before. This situation has significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside of the office – something criminals are taking advantage of by targeting unsecured endpoints with increasing regularity.

logsign

What are Cyberterrorism and Cyberwarfare?

Cyberterrorism and cyberwarfare are hot topics today. Do you know what they are or how you can protect your organization against them? Read our blog post to learn! In today’s media, the terms cyberterrorism and cyberwarfare are mentioned very often. Many fear a possible cyberwar and many say that terrorism has been changing in order to gain much more digitalized characteristics.

inetco

Tips to Make More Impactful Decisions Related to Payments Revenue, Card Portfolio Profitability and Customer Service

Welcome to the final installment of our 3-part series featuring recommendations to help financial institutions (FIs) navigate the impact of COVID-19 on their payments business. While we have previously focused on providing tips around managing the surge in online and mobile transactions, as well as how to combat the increase in card-not-present fraud, this blog will focus on how to drive payments revenue and provide an exceptional customer experience.

Security For Work From Home Tools

Are you concerned about the security and compliance risks that come along with your organization’s work-from-home solutions? As more and more professionals connect to your organization’s networks via VPN and conduct their work with tools like Zoom, Teams and WebEx, it’s critical that your cybersecurity processes expand to include these changes. Make sure you and your teams are up to speed with best practices for work-from-home tools and common mistakes you’ll want to avoid.

siemplify

A Tier III SOC Engineer on Multi-Tasking and Communication During an Extended Crisis (Video)

Episode 2 of “SOC Quarantine Diaries” welcomes Rod Arthur, a Level III SOC engineer at business process services company Conduent, for insight into someone on the front-lines of threat detection and response as businesses take on new cyber-risks from COVID-19. (Hint: Experience pays off.)

reciprocity

COVID-19: Importance of Ethical Leadership During a Crisis

Change is hard—and during the COVID-19 pandemic, it’s happening at breakneck speed. Your employees and business partners need to know now, more than ever before, that they can trust you to be honest and transparent with them. This is the essence of ethical leadership. We’re standing on shaky ground as the virus sweeps through our nation and upends our economy. People are losing their jobs, their health insurance, and perhaps even their savings.

SOC Quarantine Diaries: Rod Arthur, a Level III SOC Engineer, on Relying on Experience Amid Turmoil

Episode 2: Rod Arthur of Conduent joins SOC Quarantine Diaries to share how he and his security operations teammates have leaned on experience and solid communication to ride out any bumps or disruptions presented by the current crisis.

WhiteSource

DevSecOps vs. SecDevOps: A Rose by Any Other Name?

The terms DevSecOps and SecDevOps are often -- but not always -- used interchangeably. So is there any real difference between the two terms or is it all just semantics? Let’s look at how the role of security has changed as the software development life cycle (SDLC) has evolved to explore whether there’s really any difference between these two words.

nnt

Oracle and KPMG Urge the Adoption of DevSecOps in 2020 Cloud Threat Report

Oracle and KPMG recently issued their 2020 Cloud Threat Report that identifies the key security risks and challenges organizations are faced with as they implement and manage cloud solutions. The joint cloud and threat security report revealed a shift in attitudes towards cloud security, with 75% of respondents viewing the public cloud as more secure than their own data centers.

tripwire

The MITRE ATT&CK Framework: Collection

The Collection tactic outlines techniques an attacker will undertake in order to find and gather the data they need to meet their actions on objectives. I see most of these techniques as being useful for describing what a piece of malware or threat actor is up to rather than looking to them for guidance on how to mitigate and detect their actions.

siemplify

What is Incident Response? A 5-Step Plan to Resolve Security Events

In the context of cybersecurity, incident response refers to the tools, processes and methodologies that businesses use to respond to security events. Examples of such events include ransomware attacks, network breaches and phishing assaults. Although responsible security teams always strive to prevent incidents from occurring in the first place, the reality is that no organization can ever be immune to a successful attack.

reciprocity

COVID-19: User Access Management Best Practices

As cybercriminals step up their efforts during the COVID-19 crisis to infiltrate your information systems, identity and access management (IAM) processes are more important for cybersecurity than ever. Aimed at preventing data breaches and unauthorized access to your systems, IAM becomes more critical as more of your employees perform their work from home. The firewalls that protected your system perimeter won’t suffice any longer, because there is no perimeter.

upguard

What Is a Vulnerability Assessment? And How to Conduct One

Vulnerability assessment is the process of identifying, classifying, and prioritizing security vulnerabilities in IT infrastructure. A comprehensive vulnerability assessment evaluates whether an IT system is exposed to known vulnerabilities, assigns severity levels to identified vulnerabilities, and recommends remediation or mitigation steps where required.

teleport

How We Built SELinux Support for Kubernetes in Gravity 7.0

As one of the engineers on the Gravity team here at Gravitational, I was tasked with adding SELinux support to Gravity 7.0, released back in March. The result of this work is a base Kubernetes cluster policy that confines the services (both Gravity-specific and Kubernetes) and user workloads. In this post, I will explain how I built it, which issues I ran into, and some useful tips I’d like to share. Specifically, we will look at the use of attributes for the common aspects of the policy.

devo

How MISP Enables the Cybersecurity Community to Collaborate During the Pandemic

As if the pandemic itself weren’t causing enough pain and suffering in the world, cybercriminals are busy developing and deploying COVID-19-related malware to try and take advantage of unsuspecting victims. Fortunately, one of the world’s leading technology companies, Microsoft, is taking action to help people avoid becoming victims of these scams.

inetco

BDC Interview: INETCO Uncorks Digital Payment Bottlenecks During Pandemic

When COVID-19 caused a surge in online and mobile transactions, INETCO needed to quickly identify bottlenecks that were preventing its clients’ customers from accessing their bank accounts and making payments. Bijan Sanii, President, CEO and Co-founder, says INETCO looked at all real-time transactions to identify where every transaction was “getting stuck,” ensuring the stability of customers’ payment transactions across channels, such as mobile, online, ATMs and retail.

styra

Microservices Authorization: Styra DAS Moves up the Stack

We’ve had an exciting past six months at Styra, from a Series A funding announcement to tremendous growth in the Open Policy Agent (OPA) community to new enhancements to our commercial product, Styra’s Declarative Authorization Service (DAS). All of this great momentum maps to our overarching vision of unifying authorization and policy for the cloud-native environment.

stackrox

The Latest from StackRox - Augmenting Runtime Security

You learn from every customer, but some of the toughest requirements can come from our Intelligence Community customers. Occasionally, that group needs capabilities uniquely their own, but in the best of times, they push you in ways that benefit all your customers. Our recent developments in runtime security fall in that second camp, and we’re excited to announce their availability today.

tripwire

Winning with Cyber Threat Intelligence: Taking a More Personal View

In this final article of our trilogy, we investigate how a cyber threat intelligence (CTI) analyst and associated programmes provide insight about physical and cyber threats to your organisation. The value of these insights is reflected in the wins, which come as a result of context building, holistic understanding, and enhanced awareness in order to outmanoeuvre malicious actor(s).

tripwire

Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals

The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19).

reciprocity

COSO-Based Internal Auditing

Internal audit and compliance departments benefit from having a comprehensive framework to use to perform corporate risk assessment and internal control testing as well as fight fraud. The most popular framework is the COSO Framework. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) was originally formed in the United States in 1985 to combat corporate fraud.

upguard

Vendor Risk Management Checklist

Vendor risk management (VRM) is a broad category that encompasses all measures that your organization can take to prevent data breaches and ensure business continuity. Legal issues, past performance, and creditworthiness are some of the common VRM issues that all companies review frequently. Additionally, cybersecurity and the reduction of third-party security risks are increasingly important.

bearer

Machine Learning APIs for Web Developers

Machine learning (ML) used to be a tool limited to specialized developers and dedicated teams. Now, thanks to many web service providers and approachable tooling, your applications can use pre-built learning models and machine learning techniques the same way you would use any web service API. This is a quick way to test out and benefit from machine learning without having to invest in artificial intelligence, building your own learning models, or shaping your application around ML.

cygilant

Cygilant Adds Belfast Location to its Global Cybersecurity-as-a-Service

We have great news to share – this morning we officially opened up shop in one of the world’s fastest-growing technology hubs! The doors are open to our new state-of-the-art Security Operations Center (SOC) in Belfast, Northern Ireland – and we couldn’t be more excited.

nnt

How to Move from a DevOps Approach to a DevSecOps Approach

DevOps and traditional security have historically operated with different schools of thought. In the past, security was seen as a hindrance to the DevOps process and the role of security was left to address at the end of an application's life cycle. But now, there’s a way to make security a part of your DevOps process without reducing speed or scalability – with the adoption of DevSecOps.

egnyte

Locked Down But Not Locked Out: Business As Usual with Lawton Communications Group

It’s one thing to simulate your disaster recovery and business continuity response; it’s quite another to have to stress test your plan for real and at scale. Recently we chatted with Norman Cave-Browne-Cave, IT & Facilities Manager at Lawton Communications Group, the guy in the hot seat when the lockdown came. The task fell to Norman to maintain business as usual for his team in the UK, US and Australia. Here, he reflects on his experiences.

alienvault

Disruption on the horizon

Innovations in technology have been a prime agent for disruption throughout much of human history. Advancements in materials science gave English archers, with their superior longbows, the advantage over the French in many conflicts during the Hundred Years War, such as the Battle of Agincourt. In the late 2000s, the music industry was forced to reinvent itself in the face of changing consumer consumption models as a result of technological advancements or become irrelevant.

tripwire

'Glitch' in Illinois' PUA System Blamed for Exposing SSNs, Private Data

Government officials said that a glitch in the State of Illinois’ Pandemic Unemployment Assistance (PUA) program exposed thousands of people’s Social Security Numbers (SSNs) and other private data. Jordan Abudayyeh, a spokesperson for Illinois Governor J. B. Pritzker, sent a statement to WBEZ on May 16. In it, she revealed that the Illinois Department of Employment Security (IDES) had learned of a security incident involving its PUA program. As quoted by WBEZ.

ekran

Legal Risks and Recommendations for Employee Workplace Surveillance in the US

Monitoring employees is one way to ensure a productive and secure workflow within an organization. However, not all employees like being watched. Some even challenge the ethics and legality of workplace surveillance. In this article, we explore the nature of workplace surveillance and consider the laws US employers should know and follow if they want to monitor their employees.

Create Login Scripts with Selenium

In this video, you will learn how to use the Selenium IDE plugin to create a login sequence script that enables Veracode Dynamic Analysis to scan URLs that have form-based authentication. Veracode Dynamic Analysis delivers an automated capability to scan your web applications based on the URLs that you provide. If your website uses form-based authentication (a more complex login procedure than a user name and password, such as a token key or two-step authentication), you must upload a login script to your Dynamic Analysis so that Veracode can log in to the application.

tripwire

Understanding Single Sign On as a Means of Identity Access Management

I usually spend my mornings doing some reading and enjoying my coffee. On this one particular morning, I noticed that I had received an email from a gaming company I had created an account with around 10 years ago for my kids. They had sent me a code to confirm a login that was being done from Thailand. I had forgotten that I had even created the account. The account used a set of my credentials that had been compromised many years ago in one of the many data breaches that occur on a continuous basis.

tripwire

Why OPSEC Is For Everyone, Not Just For People With Something To Hide - Part III

In this final part of the series, I discuss why everyone should consider reviewing their OPSEC (Operations Security), not just those with something to hide. If you haven’t read the previous articles then please check them out first (Part I & Part II), as they provide key background information about the techniques discussed in this post.

stackrox

Kubernetes Autoscaling - 3 Common Methods Explained

One of the strengths of Kubernetes as a container orchestrator lies in its ability to manage and respond to dynamic environments. One example is Kubernetes’ native capability to perform effective autoscaling of resources. However, Kubernetes does not support just a single autoscaler or autoscaling approach. In this post, we discuss the three forms of Kubernetes capacity autoscaling.

stackrox

Guide to Evaluating Your Container Security Maturity

As companies embrace containerized, cloud-native applications, they recognize that the need for security is as paramount as ever but struggle to secure these new technologies. Since everyone is learning the new stack, no one has a roadmap for how to apply security across the various stages of the containerization journey. Each stage introduces novel security challenges, and organizations must learn both the infrastructure and the security at the same time.

bulletproof

Everything you need to know about a DPO

In 2018, the world’s trust was shaken. That year, it was revealed that Cambridge Analytica had furtively harvested data left exposed by Facebook. The information of over 87 million individuals was exploited to assemble voter profiles and customise the distribution of political advertisements in the run up to the 2016 US Presidential Election as well as Brexit.

cygilant

What is a Security Operations Center (SOC)?

SOC as a Service provides resource constrained companies a way to increase their team with people, improve their cybersecurity processes and implement best of breed, tried and tested technology. By finding a security operations center (SOC) partner, you can ensure your business is protected. Here we answer some questions about a SOC as a Service.

logsign

Cyber Security for Industrial Control Systems

It is no secret that humans make mistakes. In order to reduce the damages and harms caused by human error, cyber security is a must for industrial control systems. Keep reading to learn more. Unfortunately, humans make mistakes. There are many reasons behind this fact, such as the limited capacity of our working memory or our short attention span. Regardless of our experience, no matter how well trained we are, we all make mistakes, and it is okay. Mostly.

alienvault

The importance and security concerns of staying connected during the COVID-19 pandemic

The COVID-19 pandemic sweeping the globe has effectively put a stop to the bulk of face-to-face interactions. With social distancing and shelter in place orders in effect, people are stuck at home and relying on the Internet as not only a tool for communication and entertainment but as their only way to earn money during this hectic and uncertain time.

tripwire

The top 10 most-targeted security vulnerabilities - despite patches having been available for years

Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn’t mean that they’re necessarily the thing that will get your company hacked. This week, US-CERT has published its list of what it describes as the “Top 10 Routinely Exploited Vulnerabilities” for the last three years.

reciprocity

What is Compliance Oversight?

Regulatory compliance is continuously evolving, which makes it increasingly imperative that everyone involved in the Compliance Management System (CMS) understand their responsibilities. Various sectors mandate oversight, including healthcare, finance, and cybersecurity. It is also a foundational business practice to safeguard company reputation and demonstrate integrity to consumers and the public. Compliance management is a top-down system, like most workplace cultures and business processes.

upguard

What is Continuous Security Monitoring?

Continuous security monitoring (CSM) is a threat intelligence approach that automates the monitoring of information security controls, vulnerabilities, and other cyber threats to support organizational risk management decisions. Organizations need real-time visibility of indicators of compromise, security misconfiguration, and vulnerabilities in their infrastructure and networks.

zeronorth

Do You Know The True Cost of Your Vulnerability Discovery Program?

You know the story. Software is running the world, which means everyone who is developing and delivering it must work towards making sure it’s secure. And this effort most certainly includes standing up, managing and executing a vulnerability management program across applications and infrastructure. Sounds great—but at what cost? To figure this out, you’ll need to think beyond the software licensing and annual support costs.

WhiteSource

Gartner 2020 Magic Quadrant for Application Security Testing: Key Takeaways

The Gartner Magic Quadrant for Application Security Testing 2020 reports a 50% increase in the number of their end-user client conversations about DevSecOps and AST (Application Security Testing) tools, in 2019. According to the report, users continue to adopt DevOps methods like integrating security into the software development lifecycle from the earliest stages of development.

sqreen

A look at OWASP's top automated threats to web apps

With the advancement of web technologies, there are many new ways to create dynamic websites. But we are also facing a growing rate of cyber threats. We can see that even the most reputed companies are falling prey to cyberattacks. For instance, bots are now spreading across the internet like wildfire. In fact, they constitute a major portion of web traffic. Now, some bots help businesses improve their presence. On the other hand, there are some bad bots that are a threat to a company.

inetco

Tips to Deliver the Level of Security and Experience Customers are Relying On

Welcome to blog 2 of our 3-part series featuring top recommendations to help financial institutions (FIs) navigate the impact of COVID-19 on their payment business. Last week’s blog shared tips to manage the surge in online and mobile banking transactions. This week, we’ll focus on card-not-present fraud. As we inch closer to June, the coronavirus continues to affect consumer purchasing behaviors – including an immense payments shift towards digital banking and e-commerce.

alienvault

Why cybersecurity In the healthcare sector needs improvement

A recent attack on a hospital in Brno, Czech Republic (a COVID-19 testing center) showed the extent to which weaknesses in a health center’s cybersecurity system can endanger the lives of patients. During this attack, patients had to be redirected to other hospitals and vital surgeries were postponed - all during a time in which vital testing needed to be carried out and releases needed to be sped up. A study published in the journal Technological Health Care by CS Kruse et al.

tripwire

Survey: Nearly Two-Thirds of Orgs Have Experienced COVID-19 Related Attacks

This new world is putting a strain on organizations’ digital security defenses. First, malicious actors are increasingly leveraging coronavirus 2019 (COVID-19) as a theme to target organizations and to prey upon the fears of their employees. Our weekly COVID-19 scam roundups have made this reality clear. Second, organizations are working to mitigate the risks associated with suddenly having a large remote workforce.

Managing the Entire SOAR Playbook Lifecycle

As your SOAR implementation matures and increases in value, your playbook library will develop and grow as well. Siemplify playbook lifecycle management makes maintaining, optimizing and troubleshooting playbooks at scale simple and easy. Unique capabilities, such as playbook run analytics, reusable playbook “blocks” and playbook versioning and rollback, ensure your SOAR implementation grows in value, not complexity.

SOC Quarantine Diaries: Tracey Webb of GDS on Steering Security Operations in a Work-from-Home Boom

Tracey Webb, security operations center manager at Global Data Systems, a Louisiana-based managed services provider, joins SOC Quarantine Diaries from his isolation station to discuss all matters remote security, from phishing and VPN threats to a permanent WFH shift that seems underway.

upguard

What Is an Attack Surface? + Tips to Reduce Your Attack Surface

The attack surface of your organization is the total number of attack vectors that could be used as an entry point to launch a cyberattack or gain unauthorized access to sensitive data. This could include vulnerabilities in your people, physical, network, or software environments. In simple terms, your attack surface is all the gaps in your security controls that could be exploited or avoided by an attacker.

logsign

What is Cyber Hacktivism?

We all know about hacking and hackers, but what about hacktivism and hacktivists? In this article, we will discuss what hacktivism is and how it can affect your organization. Hackers and the act of hacking found their way into the mainstream long ago, with the help of high budget films and our increasing use of technology in almost every aspect of our lives. That is why almost everyone knows what hacking is and who a hacker is.

egnyte

Inter-institutional Collaboration, Part 1: Articulating Data Concerns

In an earlier blog, Collaboration in the Modern Biotech Era, we explored the scope, dynamics, and complexity of collaboration in modern biotech and how “…these external partnerships have made the life sciences industry more distributed, networked, and collaborative than ever before.” But data security, integrity, structure, and storage present a number of concerns that need to be addressed to strengthen your GxP compliance envelope when working with external partners.

tripwire

I, CyBOK - An Introduction to the Cyber Security Body of Knowledge Project

The Cyber Security Body of Knowledge project or CyBOK is a collaborative initiative mobilised in 2017 with an aspiration to “codify the foundational and generally recognized knowledge on Cyber Security.” Version 1.0 of the published output of this consultative exercise was quietly released last year and then more publicly launched in January 2020. Yet, this free and information-packed publication does not appear to have captured the attention it perhaps deserves across the wider industry.

upguard

Third-Party Risk Assessment Best Practices

Assessing the cybersecurity risk posed by third-party vendors and service providers is time-consuming, operationally complex, and often riddled with errors. You need to keep track of requests you send out, chase up vendors who haven't answered, and ensure that when they do they answer in a timely and accurate manner.

ekran

7 Best Practices to Conduct a User Access Review

Every company has workers that have been there from the beginning and worked in every department. They know everything about the company’s processes, and it makes them valuable employees. But they also can access sensitive data, and that makes them dangerous. A periodic user access review can mitigate this danger. Reviewing user access is an essential part of access management.

zeronorth

Leading Security Publications Laud ZeroNorth's Compelling Value for Vulnerability Management

There’s no greater validation of the ZeroNorth platform than objective reviews from leading publications in the security industry. And we now have two of them—from CSO Magazine and SC Magazine! Both reviews recognize the value of ZeroNorth’s platform as a solution for managing risk and vulnerabilities throughout the software development lifecycle (SDLC).

logsign

What is AES Encryption and How it Works?

If your organization offers or needs cyber security solutions, you must have heard of the Advanced Encryption Standard before. In this article, we will take a closer look at AES and how it can be beneficial for your organization. The Advanced Encryption Standard (also known as Rijndael) is one of the most popular global encryption standards, which is why its acronym, AES, keeps coming up in almost every discussion related to cyber security.

nnt

5 Steps to Help Minimize the Risk of a Third-Party Data Breach

Over the past five years, data breaches caused by third-party vendors have continued to increase in severity and frequency. In fact, research found in the latest Ponemon Institute Data Risk in the Third-Party Ecosystem report claims that 59% of companies experienced a data breach caused by one of their third-party vendors. Minimizing your chances of a third-party data breach is a tall order since much of it is out of your direct control.

inetco

INETCO Insider: Combat the impact of COVID-19 on your payments business

As we head into Q3 of 2020, life is looking quite different for all of us around the world. With many governments beginning to implement plans to ease restrictions, economies are expected to slowly regain their footing. Even as brick and mortar businesses around the world gradually re-open, we will continue to see a trend towards contactless payments, digital banking, online orders and e-commerce.

stackrox

Greenlight and StackRox - The Fun of Being Mutual Customers

It’s always a great feeling to learn another customer win story, but it’s especially exciting when you’re a customer in return! That’s the fun I had talking with Greenlight to learn how the company relies on StackRox to protect its Kubernetes applications. Greenlight has a cool mission: teach kids about financial literacy, encouraging them to create a budget and helping them reach savings goals.

stackrox

Custom Kubernetes Controls with Open Policy Agent (OPA) - Part 2

In Part 1 of this series on the Open Policy Agent (OPA), we gave a brief rundown of why you might want to use the OPA Gatekeeper controller for policy enforcement in your Kubernetes clusters. We also gave a few examples of OPA’s query language, Rego, and of the Kubernetes Custom Resource Definitions (CRDs) that OPA Gatekeeper uses and creates.

tripwire

COVID-19 Scam Roundup - May 11, 2020

Digital attacks continue to exploit coronavirus 2019 (COVID-19) as part of their malicious operations. On May 5, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) along with the United Kingdom’s National Cyber Security Centre (NCSC) published a joint alert in which they revealed that they had witnessed APT actors targeting local governments, academia and pharmaceutical companies.

tripwire

Best Practices for Scoring Your Environment's Security Measures

For most practical uses today, a combination of hardening and vulnerability detection is required to secure even the most basic digital environment. In each area it is important to see the progress you’re making in these competencies so that you can improve and build on the work you and your team have done over time. But with so many assets in your digital environment, how do you score the effectiveness of these security measures?

siemplify

SOC 101: Getting Started with Playbook Design (Video)

Every artist starts with a blank canvas. That goes for security operations teams, as well, who must illustrate their institutional knowledge in order to retain and preserve it. This is generally accomplished via workflows, which help drive consistent and repeatable investigations in the security operations center.

tripwire

The 4 Stages to a Successful Vulnerability Management Program

Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who was effortless at doing things correctly? They had great study habits, they arrived on time, they were prepared and confident in the materials that they studied in class, and they were a consistently high performer at every stage?

reciprocity

Risk Assessment Checklist NIST 800-171

The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 is a subset of IT security controls derived from NIST SP 800-53. NIST SP 800-53 provides a catalog of cybersecurity and privacy controls for all U.S. federal information systems except those related to national security. The IT security controls in the “NIST SP 800-171 Rev.

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

Your organization has already embraced the DevOps methodology? That’s a great start. But what about security? It’s a fact - many organizations fear that adding security to their DevOps practices will severely slow down their development processes. But this doesn’t need to be the case.

reciprocity

How to Comply with GDPR

When it comes to organizations incorporated and operating out of the United States, General Data Protection Regulation (GDPR) compliance can be confusing. Many people struggle to understand what exactly the GDPR is and whether it applies to all organizations. On May 25, 2018, the European Union (EU), via the European Parliament, signed the GDPR into law to enhance Directive 95/46/EC.

veriato

Why Does Your Business Need Digital Forensic Tools?

While the real world of forensics is much different from your favorite primetime drama, it’s becoming an increasingly important field for the digital sphere. Cybercriminals leave a trace just like real-world offenders, so it’s important to use digital forensic tools that can identify, address, and resolve potentially fraudulent or harmful activities. Keep reading to learn more about digital forensics, and the tools your company needs to stay protected.

alienvault

Remote workers making mobile management and security first priority

In recent years, many businesses had already begun planning for a gradual shift towards an increasingly remote workforce, yet fewer had implemented a mobile-first strategy, and some were still formulating strategies. At a gradual pace, IT administrators could handle a small percentage of remote workers and saw the management features of device enrollment programs and network security measures as enough to manage a few remote devices and cyber risks.

tripwire

Spike in Snake Ransomware Activity Attributed to New Campaign

Security researchers attributed a spike in Snake ransomware activity to a new campaign that’s targeted organizations worldwide. Snake ransomware first attracted the attention of malware analysts in January 2020 when they observed the crypto-malware family targeting entire corporate networks. Shortly after this discovery, the threat quieted down. It produced few new detected infections in the wild for the next few months.

reciprocity

Risk Management Process

Not too long ago, “risk management” was considered mainly an insurance term. The risks a business might incur covered a fairly small and discrete range of scenarios, including the following: The times have changed, however, and so have risks. With the advent of the digital age come a plethora of new risks as well as an increase in the complexity of existing ones.

zeronorth

4 Reasons Why Confusing AppSec With InfoSec Is a Big Mistake

The business world uses a lot of confusing terminology, and cybersecurity is no exception. Many buzzwords and catchphrases, while annoying, are harmless. But there is also terminology whose misapplication is problematic. Application security (AppSec) and information security (InfoSec) are two terms that are often conflated. Sure, there’s plenty of crossover between these disciplines, and there’s certainly a point of convergence, but they are different.

WhiteSource

May Open Source Security Vulnerabilities Snapshot

May is here, and with it our May’s open source security snapshot, our monthly overview of the new open source security vulnerabilities published in April, to see what’s new in the ever-evolving open source security ecosystem. In order to give you all the low-down on emerging or ongoing trends, our hardworking research team analyzed all of the new open source security vulnerabilities added to the WhiteSource database.

nnt

What is the Cybersecurity Maturity Model Certification and What Can Your Organization do to Prepare?

Starting on September 1, 2020, Department of Defense (DoD) contractors will be required to comply with the new Cybersecurity Maturity Model Certification (CMMC), a new cybersecurity framework designed to enhance security defenses. This new standard draws upon NIST 800-171 Rev 2, ISO 27001 and other security frameworks to create one unified standard for implementing cybersecurity across the entire defense industrial base (IDB).

spambrella

FINRA: Phishing Emails Targeting Financial Companies

On Monday, May 4th, FINRA (Financial Industry Regulatory Authority) issued a warning to financial companies stating that a new email phishing campaign was doing the rounds. According to the regulator, the campaign is ongoing, widespread, and made to look as though the emails are coming from FINRA itself.

inetco

Tips to Manage the Surge in Online and Mobile Payment Transactions

With COVID-19 continuing to affect consumers and businesses of all sizes across every industry around the world, there has never been a more important time for financial institutions (FIs) to ensure that payment transactions complete as expected. In the next three weeks, we will release a blog a week discussing the top tips INETCO is recommending to customers in an effort to navigate the impact of COVID-19 on their payments business.

alienvault

Balancing security and flexibility with a remote workforce

According to the Pew Research Center, last year, roughly seven percent of U.S. workers regularly enjoyed the option of working from home. Well accustomed to the nature of remote work, these individuals were equipped with stable internet connections, collaboration and communication tools, and security technologies that helped them excel from their home offices.

tripwire

The MITRE ATT&CK Framework: Discovery

The Discovery tactic is one which is difficult to defend against. It has a lot of similarities to the Reconnaissance stage of the Lockheed Martin Cyber Kill Chain. There are certain aspects of an organization which need to be exposed in order to operate a business.

Security And Compliance for Remote Federal Workers

With much of the federal workforce now using laptops to work from home, how can agencies like yours overcome VPN hurdles and ensure the same standard of security monitoring? Compliance frameworks help you achieve and maintain remote asset security with detailed, step-by-step guidance on best practices, including extending security controls to cover remote laptops and other endpoints employees may be using from home in the wake of Covid-19.

reciprocity

Coronavirus-Themed Cyberattacks To Watch Out For

The novel coronavirus isn’t the only plague affecting businesses. Cyberattacks are spreading, too, as malicious actors take advantage of interest in COVID-19 news and coronavirus fears to trick people into clicking on phony links and attachments in social engineering and phishing scams. The U.S.

netacea

Uncovering Bots in eCommerce Part Two: Loyalty Points

Loyalty schemes operated by the eCommerce industry have become so popular that they now represent a billion-dollar industry, with customers earning loyalty points when purchasing goods or services from their favourite brands. Yet financial losses from loyalty card fraud are equally significant — with an estimated $1 billion being stolen every year.

netskope

AWS: Improve CloudTrail Logging for Assumed Role Actions

Imagine an AWS user in your environment escalates privileges by assuming a role (calling sts:AssumeRole) and performs a malicious action. How will you know in the first place and how will you find the offending user in order to remediate the situation? CloudTrail of course. But you find that the event logged for the malicious action tells you the role and not necessarily the original user.

upguard

What is Attack Surface Management?

Attack surface management (ASM) is the continuous discovery, inventory, classification, prioritization, and security monitoring of external digital assets that contain, transmit, or process sensitive data. In short, it is everything outside of the firewall that attackers can and will discover as they research the threat landscape for vulnerable organizations.

detectify

Detectify security updates for 29 April

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentiality agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

logsign

How to Do Endpoint Detection and Response with SOAR?

Ensuring business continuity is the top priority of every organization. However, is it possible in the age of digital warfare? Today, businesses are at great risk from state-sponsored attacks, insider threats, external threats, organized crimes, and threats from hacktivists. Advanced Persistent Threats (APTs) including all types of viruses are sophisticated and fast and protecting endpoints has become a great challenge for enterprises.

nnt

GoDaddy Data Breach Goes Undetected for 7 Months

The popular domain registry and web hosting company GoDaddy is in the headlines this week after the company reported that an unauthorized user accessed login information used by an undisclosed number of its 19 million customers. GoDaddy informed its customer base of the incident on May 4 in an email stating that on October 19, 2019, an unauthorized individual accessed the login credentials used to connect to SSH on the hosting site.

spambrella

The Changing Face of Email Security

With the rise of remote work, especially in recent months, and the number of net-connected devices rising all the time, email is more relevant than ever. Indeed, as a form of unobtrusive communication and document sharing, email has pretty much cemented its position as the go-to tool for businesses of all sizes. Unfortunately, being the popular kid in school is not always a good thing – for a start, it has a way of making you look like an easy way in.

spambrella

Guarding Against Work-From-Home Phishing Threats

By this stage, everyone is familiar with the phrase ‘social distancing’ and what it means with regards to shopping trips and exercise outdoors. Social distancing, as we all know by now, was introduced to slow down or, more hopefully, stop the spread of Coronavirus. Many companies are taking steps to enable as many people as possible to work from home.

teleport

Solid Infrastructure Security without Slowing Down Developers

In this post, I want to share my observations of how SaaS companies approach the trade-off between having solid cloud infrastructure security and pissing off their own engineers by overdoing it. Security is annoying. Life could be much easier if security did not get in the way of getting things done.

styra

Open Policy Agent: Cloud-native Authorization

Talks focused on Open Policy Agent (OPA) are featured prominently in the agenda for KubeCon + CloudNativeCon Europe—15 OPA-focused sessions were accepted from users at Google, City of Ottawa, Ada Health and more—signaling the importance of authorization in the cloud. While the event and those talks are now on hold until August, that doesn’t mean we should postpone learning more about authorization within applications, across Kubernetes clusters and on top of service mesh.

tripwire

Getting Zoom Security Right - 8 Tips for Family and Friends

If you’ve read a newspaper or watched the news in the past few weeks, you’ll notice one common topic that all the major news outlets are discussing… COVID-19. Right now, many companies are trying to provide employee guidance during this worldwide pandemic, as governments ask those who can to work from home in an effort to slow the spread.

siemplify

3 Emerging Remote Security Use Cases Addressable with SOAR Playbooks

Even as many SOC teams have shifted to remote operations in recent weeks, the basics of their mission are unwavering: Monitor for and analyze threats, and ensure security incidents are handled swiftly and incisively, ideally with the help of a security automation, orchestration and response (SOAR) platform. Yet while nothing has changed, everything has, least of which the environment from which analysts are now doing their work.

reciprocity

Tips for Managing Third-Party Risk in Health Care

The healthcare industry possesses the crown jewels that the bulk of attackers are after: Personally Identifiable Information (PII). Data has become the new currency in the digital underground, consisting primarily of social security numbers, credit card information, health information, and passwords.

netskope

The Path of a Packet in a SASE Architecture

In the past, there was a clear demarcation between the role of the enterprise network and the internet. Network architects focused on the networks that were under their direct control, and relied on their service provider to provide access to the internet. With the rise of cloud applications, we’re seeing a shift in the demarcation.

detectify

Undetected e.02 recap: Fredrik N. Almroth - Bug Bounties

Bug bounties – some argue that this is one of the buzzwords of the decade in the cybersecurity industry. Whatever you want to label it, it’s a trend that we can’t ignore these days. A lot of companies are taking part in it, so what’s it all about? There were many valuable soundbites to take from this, and especially from podcast guest, Fredrik N. Almroth (@almroot) because he’s hacked all the tech giants and more. If you can name it, he’s probably hacked it.

The True Total Cost of Ownership (TCO) for Vulnerability Management Across Applications & Infrastructure

For digital transformation initiatives to be successful, rapid development and delivery of software capabilities is crucial. This paper highlights the time needed to support the comparison, selection, deployment, and on-going management of the tools and techniques inherent to a comprehensive vulnerability management program, across applications and infrastructure, as they will significantly impact the TCO of that program.

alienvault

5 defensive COVID-19 actions IT managers can take now

As if there wasn’t enough to worry about these days, cyber attacks have taken a sharp uptick since the COVID-19 pandemic began this year. From January to March, AT&T Alien Labs Open Threat Exchange (OTX) saw 419,643 indicators of compromise (IOC) related to COVID-19, including a 2,000% month-over-month increase from February to March. Cybercriminals are taking advantage of the shift to remote working, increasing their volume of attacks by nearly 40% in the last month.

tripwire

COVID-19 Scam Roundup - May 4, 2020

Malicious actors continue to abuse coronavirus 2019 (COVID-19) as a lure to profit off of innocent people. Indeed, Arkose Labs found that 26.5% of all transactions recorded in Q1 2020 were fraud and abuse attempts—a 20% increase over the previous quarter and the highest attack rate ever observed by the security firm’s researchers. It’s therefore unsurprising that we’ve seen the U.S.

reciprocity

7 Pandemic Risk Management Tips to Implement Now

As COVID-19 continues to spread worldwide, not only disrupting health and life but also business continuity up and down the supply chain, economic and cyber risk have taken on pandemic proportions, as well. Many enterprises are struggling just to keep essential services functioning as they send employees home to work with new, hastily procured technologies. At the same time, they’re battling a surge in cybercrime by threat actors seeking to take advantage of the chaos.

egnyte

Transitioning to an Open CDE For Construction File Sharing

A single repository for all construction content changes the way people work, and it can make a big difference in project profitability. Increasingly, a CDE is an essential tool for conforming to Building Information Modeling (BIM) practices and meeting compliance requirements. It’s important to recognize that a CDE is not just for giant construction companies. It delivers the same benefits to smaller contractors and subcontractors who often operate on much thinner profit margins.

tripwire

Phishers Increasingly Incorporating reCaptcha API into Campaigns

Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns. Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls so that they can shield their landing pages from automated URL analysis tools as well as add a sense of legitimacy to their operations. Some of these efforts have consisted of deploying a fake checkbox and form.

netskope

Leaky Links: Accidental Exposure in Google Link Sharing

Netskope Threat Labs recently posted the second entry in our leaky cloud app series about Google Groups. In this edition, we will cover Google link sharing misconfigurations leading to the accidental internal and public exposure of sensitive data. This post details the common misconfigurations in Google link sharing that lead to unintended data exposure and provides recommendations to prevent such data leaks.

stackrox

EKS vs GKE vs AKS - May 2020 Update

In February, we published an article providing a side-by-side comparison of the managed Kubernetes offerings of the three largest cloud providers: Amazon’s Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). The Kubernetes ecosystem changes rapidly, as do the feature sets of these managed platforms. This post covers important updates to these services made since our original comparison and our April update.

egnyte

Egnyte's Chief Security Officer Provides Practical Advice for IT Admins Of a Remote Workforce

Companies around the globe scrambled to make work life productive for their employees once health and government mandates instructed offices to close. While the Internet became awash in work from home advice for employees, it was the IT admins who had to quickly enable their workforces to be productive, secure, and fully equipped to mimic the office environment at their kitchen table.

The Essential Guide to Risk-Based Vulnerability Orchestration Across the Software Lifecycle

Stop treading water and simplify the management and remediation of your software vulnerabilities. This eBook discusses challenges with current approaches, the differences between automation and orchestration and the steps to get started with orchestration.

What to Expect When You're Expecting a Data Breach: End of Year Report from ZeroNorth

From security threats to compliance regulations to the unrelenting pace of business, staying conscious of cybersecurity risks in 2020 is shaping up to be a full-time job. Around this time of year, experts love to offer up their predictions about what's on the digital horizon and how we can best prepare ourselves for the inevitable future. Whether or not these apocalyptic cybersecurity situations come to fruition remains to be seen, but one thing's for sure: it will be a year to watch.