June 2020

alienvault

Ransomware observations

AT&T’s Digital Forensic Incident Response (DFIR) team has been observing cybercriminal organizations steadily increase their ransomware capabilities over the last few years. We have seen ransomware grow in sophistication and capability at a rapid pace. So rapidly in fact, that each investigation shows a new tactic or change in the binary program responsible for encrypting clients’ data.

alienvault

Cybersecurity penetration testing explained

Cybersecurity penetration testing is a method of checking for security weaknesses in software and systems by simulating real-world cyber-attacks. Also known colloquially as 'pen tests,' penetration tests probe beyond the scope of automated vulnerability scans. Pen tests find gaps in protection that can arise when unique combinations of applications, systems, and security defenses work together in live environments.

tripwire

The CSA IoT Security Controls Framework

The Internet of Things (IoT) is growing in technical, social, and economic significance. ENISA defines the increasingly complex IoT systems as “cyber-physical ecosystem[s] of interconnected sensors and actuators, which enables intelligent decision making.” These technologies collect, exchange and process data in order to dynamically adapt to a specific context, transforming businesses and the way we live.

Developing Immunity: IT Security in the Era of Remote Working

This webinar explores new and emerging risks facing civil service security professionals, system managers and business owners, and provides ways to combat them. Paul Edon, Senior Director for Technical Sales and Services (EMEA) at global cybersecurity provider Tripwire, covers topics including.

outpost 24

What are Security Misconfigurations and how to prevent them?

Misconfigurations are often seen as an easy target: they can be easy to detect on misconfigured web servers, cloud and applications, and then become exploitable, causing significant harm and leading to catastrophic data leakage issues for enterprises, like the 2019 Teletext exposure of 530,000 data files, which was caused by an insecurely configured Amazon Web Service (AWS) web server.

netwrix

2020 State of the Cloud Statistics

The cloud had become mainstream during the last couple of years, but the year of 2020 has pushed companies to adapt to remote working, which immediately led to a rapid adoption of cloud services. Research indicates that overall use of cloud services across industries has already increased by 50% this year; the most serious effect from the shift to remote working was on cloud-based collaboration tools, which saw an increase of up to 600% in usage (McAfee).

netskope

Leaving Bastion Hosts Behind Part 1: GCP

Any enterprise running virtual machines in the cloud needs to securely manage them, which is commonly done with Remote Desktop Protocol (RDP) or Secure Shell (SSH). One problem that arises is how to manage this access without exposing the management protocols to the internet, leaving them open to various types of attacks. Historically, it has been a best practice to implement bastion hosts to limit the exposure of the management protocols. However, there are some disadvantages to that approach.

bearer

Rebuilding our API Call Logging Feature from Scratch

Bearer is shedding its winter coat. As we stayed safe at home during the COVID-19 crisis, it gave us the opportunity to think about our vision for the API Monitoring industry. Today, we are releasing a brand-new dashboard, a rebuilt navigation, and improvements to many of our existing features. But one change is quite big, as it is changing one of the core features of our product. We have completely rebuilt the way API call logs are managed in Bearer.

detectify

Detectify Crowdsource - Not Your Average Bug Bounty Platform

How does Detectify Crowdsource get the most skilled ethical hackers of the world to come together and have as broad an impact as possible? The answer – a bug bounty program, but not in the traditional way. I am Carolin Solskär, Detectify Crowdsource Community Manager and I work closely with our ethical hackers to make sure we maintain an awesome experience for all our members with the shared goal to make the Internet more secure.

zeronorth

Bidpath Leads by Example and Avoids These 4 Security Pitfalls

There’s no debate. Application security is a must. However, delivering vulnerability-free software at speed and scale isn’t easy. Just ask Francis Juliano, CTO at Bidpath, one of the world’s leading online auction platforms. Because Bidpath relies on software to run their business, Juliano has faced a number of common application security (AppSec) challenges—just like other industry professionals around the globe.

wandera

Does your organization have too many security tools?

Cloud services are ubiquitous. Highly available and accessible, they have enabled many technology teams to become agile, deploying new services in fractions of the time they could before. This trend has led to the proliferation of services, with standalone or one-off tools contributing to increasingly complete technology ecosystems. As the challenges of managing and maintaining numerous tools increase, the cost of the cloud’s flexibility can begin to outweigh its benefits.

wandera

How 5G creates further security and access challenges for companies

Despite conspiracy theories about how 5G towers were the cause of COVID-19 and security concerns about Huawei, there is still much optimism about the next generation of connectivity. An IHS Markit study estimates that 5G will generate $13.2 trillion in global economic value by 2035 and an Omdia report cited that there were more than 17.7 million connections in Q4 2019.

alienvault

WPA security explained: what is Wi-Fi Protected Access?

WiFi signals can be put into two different categories, unencrypted and encrypted. Unencrypted WiFi, sometimes known as open WiFi, can be connected to without a password. Anyone with a phone, tablet, PC, video game system, or Internet of Things device within range of the open WiFi signal can use it as long as there aren’t more devices connected to the wireless access point than it can handle. But the data being sent to and from your device through the open WiFi signal is unencrypted.

tripwire

Into the Dark: Scratching the Surface of the Dark Web and Its Potential Risks to Users

Numerous data leaks appeared on the dark web in the second quarter of 2020. At the end of May, for instance, Cyble found a government database containing the personal information of more than 20 million Taiwanese citizens for sale on an underground web marketplace. That was less than two weeks before The Economic Times reported on a dark web data leak involving BEML, an Indian public sector undertaking.

tripwire

What to Expect from Brazil's New Data Protection Law

The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws that has affected 500,000 companies throughout the world. This law has played a crucial role in formulating another substantial privacy law known as the California Consumer Privacy Act that came into effect on January 1, 2020.

bulletproof

GDPR 2 years on - key takeaways and lessons learnt

GDPR recently breezed past its second birthday and, like many two-year-olds, continues to cause concern and confusion for those who have to deal with it. Unlike real two-year-olds, however, GDPR is quite clear in what it demands and there could be big consequences if they are not met. For businesses, failure to meet GDPR’s requirements represents an increased risk of data breaches and the reputational damage and legal repercussions that breaches inevitably lead to.

zeronorth

Week Three Featuring Research From Forrester: How to Make Open Source Software Work For You

Open source software (OSS) continues to grow in popularity and remains a key part of application development. The advantages of using open source code are fairly obvious—it’s free, ready-made and customizable, and it allows teams to get software to market faster, which is a critical differentiator in today’s rapidly changing world.

stackrox

EKS vs GKE vs AKS - July 2020 Update

In February, we published an article providing a side-by-side comparison of the managed Kubernetes offerings from the three largest cloud providers: Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). The Kubernetes ecosystem changes rapidly, as do the feature sets of these managed platforms. This post covers important updates to these services made since our original comparison and our April, May, and June updates.

alienvault

HIPAA in the time of Covid-19

The global cases of Novel Coronavirus are continually ticking upward in most parts of the world, and with every new case come further questions about the patients. Hospitals, governments and even the general population are interested to know who the affected people are, what their health history is, which locations they visited, and who they interacted with prior to receiving positive test results.

tripwire

Foundational Controls Make the Hard Things Easier to Do

Let’s begin with a short story. Imagine that we have two large organizations in the public sector. These entities are very similar. Both are on the receiving end of cyber threats. Both adhere to multiple compliance standards. And both need to ensure that their IT systems are functioning and working as planned. But they’re not entirely the same. Take Organization A, for example.

netskope

Selling a Cloud-first IT & Security Vision: In Conversation with Microsoft Chairman John Thompson

Last week I had the opportunity to talk to John Thompson as part of The Reimagine Series. The Reimagine Series sees the leadership team at Netskope host discussions with technology trailblazers as they introduce thought-provoking ideas that transform the way enterprises work. Across the series, we have been exploring innovative approaches to solving today’s technology and security challenges and I was really excited to catch up with John to hear his ideas.

WhiteSource

Software Development Life Cycle: Finding a Model That Works

Waterfall. Agile. Scrum. Kanban. Lean. These words are often thrown around when talking about the software development life cycle (SDLC), but what do they mean and how do they relate to each other? In this blog, we’ll take a look at the evolution of the software development life cycle and consider several current trends.

wandera

Zero Trust Network Access: Granting access to unmanaged devices

This blog series explores the challenges of enabling unmanaged devices without putting enterprise data at risk. Read part 1 to learn how to enable endpoints that are not on the corporate network. This issue discusses the challenges when granting unmanaged or BYO devices access to corporate resources. At first, BYOD seemed like a great option; businesses don’t need to pay for an endpoint that might get broken or lost, and workers can use a familiar device of their choosing.

stackrox

Protecting Against Kubernetes Threats: Chapter 1 - Initial Access

In the past five years, modern application architecture and compute infrastructure have been dramatically transformed by Kubernetes, the production-grade, open-source container orchestration system that has become the de facto standard for automating the deployment and management of cloud-native applications.

tripwire

How to Reduce the Risk of Misoperations in Your Bulk Electric Systems

Reliability is essential to the functionality of an electric power grid. This principle guarantees that a constant qualitative and quantitative supply of electric power is flowing from a provider to businesses, homes and more. It’s what enables electric power to drive life forward in modern society. As a result, there’s reason to be concerned about events that threaten the reliability of the power grid. Those events include misoperations.

siemplify

How to Take Command During a Security Crisis (+Video)

A successful response to a cybersecurity crisis scenario requires having a central integration hub where incidents are managed by security operations teams. This integrated crisis management capability is a must-have for when alerts are necessary to escalate to a cross-organizational response. Sure, you can train for these situations with tabletop exercises or well-baked proactive incident response strategies, but like any crisis, nothing is like the real thing.

redscan

Bloor Research: what makes a good MDR service?

The diverse and fast-changing nature of the Managed Detection and Response (MDR) market makes the process even more difficult. A new report, MDR Market Guide: reducing the costs and risks of cybersecurity investments, from independent technology research and analyst house, Bloor, outlines the key features to consider when selecting an MDR provider.

zeronorth

Spotlight on the Cold, Hard Facts of Application Security

From security threats to compliance regulations to recognizing what businesses and the overall economy are going to look like in a post-COVID era, staying aware of cybersecurity risks—and more specifically, application security—is not only a full-time job. It’s an ongoing job with constantly shifting parameters and concerns. That said, facts are facts. Data breaches are growing in both frequency and scope.

sqreen

Why attackers try to take over user accounts

Account takeovers (ATOs), also known as “account hijacking,” are a type of fraud that’s on the rise these days! This type of attack is attractive to hackers due to the financial return and the ease of such an attack: user account takeover is relatively low cost and has a high success rate. Additionally, there are many means to make money off an account that has been taken over, or in using it to perform more advanced attacks.

alienvault

What quantum cryptography means for cybersecurity

Just as cybersecurity professionals are getting used to the possible implications of quantum computers, a new front opens in the quantum arms race: using quantum computers for encryption. Though quantum computers remain a largely theoretical threat, some researchers are already working on ways to protect systems against the exponential increase in computing power they represent.

alienvault

Managed security operations center (SOC) explained

Managed SOC, also known as SOC as a Service, is a subscription-based offering whereby organizations outsource threat detection and incident response. Based on the concept of turning an internal security operations center (SOC) into an external cloud-based service, a managed SOC offers IT organizations external cybersecurity experts that monitor your logs, devices, cloud environments, and network for known and evolving advanced threats.

tripwire

State of Insider Data Breaches in 2020

Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing. Insider threats can be accidental or intentional, but the impact of insider breaches remains the same.

reciprocity

Strategies for Digital Risk Protection

No lock has ever been invented that was completely secure. If an intruder really wants to get in, they usually can find a way. And yet, most of us wouldn’t leave the door to our home, office, or automobile open or unlocked overnight. Security isn’t perfect, but it can act as a deterrent, helping to keep us and our belongings safe. The same is true in the digital realm. Cybercriminals work around the clock to infiltrate our home and business networks.

veriato

Managing Cyber Threats to Operational Technology

In the fast-paced and highly commercialized world of manufacturing, better automation creates a valuable competitive edge. The physical systems leveraged in the industry, the machinery, and the manual processes have all become more automated since the first industrial revolution. Today, smart systems that leverage advanced technologies such as machine learning and integrated IoT control are creating a next-generation industrial environment often termed 4.0.

cygilant

Working from Home - The New Norm, Part 2: Chatting With Dermot Murray and Natalie Brady

Welcome to the second part of our series, where this week we’ll take a minute to catch up with a pair of Cygilant employees in our Belfast office – Dermot Murray and Natalie Brady. Read on below to learn more about two of the key members of our team in Northern Ireland, and how they found new positions that were a perfect fit here at Cygilant.

veracode

Making a Case for the Cloud: Customers Give Their Honest Feedback of SaaS-Based AppSec

Before the pandemic, 70 percent of companies were in the early stages of a digital transformation. But given the current circumstances, companies are being forced to speed up those efforts. This statistic, coupled with the FBI’s findings that cyberattacks have increased by 400 percent over the last few months, supports the need for increased application security (AppSec) and the shift toward software-as-a-service (SaaS) models.

veracode

Veracode Achieves AWS DevOps Competency Status

We are pleased to announce that we have earned the AWS DevOps Competency status, which recognizes that Veracode provides proven technical proficiency and customer success helping organizations implement continuous integration and delivery practices on AWS. To receive the designation, APN Partners must possess deep expertise and deliver solutions seamlessly on AWS.

WhiteSource

WhiteSource Attribution Report: New Features

We are excited to announce the immediate availability of WhiteSource’s new attribution report. Our attribution report gives you insight into the compliance requirements of your open source components, including detailed data on your licenses, copyrights, and notices. WhiteSource’s new attribution report features numerous enhancements to the overall user experience.

devo

The Pain Remains: What the 2020 Devo SOC Performance Report Tells Us

Today we published the 2020 Devo SOC Performance Report™. The subtitle, A Tale of Two SOCs, underscores that there are two types of security operation centers (SOC): those that are performing reasonably well and those that are struggling. As someone who has worked in cybersecurity for more than 20 years, I find the results of our second annual SOC report informative, instructive, and also extremely irritating.

inetco

Thinking Real-Time About Real-Time Payments Fraud

Increasing payment speed and infrastructure complexity is leading to rising payment fraud rates. When it comes to the risk assessment and authentication of real-time payments transactions, the time window for analysis has shrunken to pretty much zero. Some of the challenges banks and credit unions are dealing with today include: The result of these challenges? More real-time payments fraud, mounting financial losses and new questions surfacing over who is liable for the recouping of funds.

alienvault

3 Steps to better cybersecurity in touchless business solutions (part 1 of 3)

The current pandemic that has upended our lives and wreaked havoc across the world has also humbled countries to a shocking degree. As borders closed, so did major sectors, industries, and businesses. Brick-and-mortar establishments had to cease operations and resume their business remotely to comply with quarantine measures. As conditions are getting better, the next challenge is for governments to restore both lives and livelihoods.

tripwire

Beyond Passing the Test: Lessons from My Infosec Certification Journey

Not everything that tastes good is healthy, and not everything healthy tastes good. I think of exams as the latter. They are one way to test knowledge, and that attitude is a big part of how I survived getting certified. After taking all kinds of exams, one thing hasn’t changed – I don’t like them. I get anxious when faced with tests. I dislike the all-or-nothing of each question.

netacea

Top 5 Data Breaches in 2020, So Far

In 2020, the chances of falling victim to data breaches are increasing. Keeping customers in the loop can be costly, time-consuming but very necessary and important to help prevent loss of personal data and decrease the risk of fraud. Cyber-attacks and data breaches can rarely be kept quiet and if the incident occurs at a high profile organisation, it’s only a matter of time before it makes the news.

logsign

How Can You Prevent Spyware and Adware?

Businesses remain under a constant threat of being attacked by malware through a variety of different attack vectors. Malware is an abbreviation used for malicious software. Malware has been one of the most prominent threats since the very beginning of the internet and continues to be so. Malware is an umbrella term, and it includes virus, trojan horse, ransomware, worm, spyware, adware, etc. In this article, we will be focussing on spyware and adware.

veriato

How Can You Detect an Insider Threat?

Data security is a term we’re all pretty used to hearing by now, but cybercriminals are only one part of the equation. Did you know that internal employees can also pose a threat to your business? Insider threats are caused by internal staff, employees, or partners who either wish to cause the company harm - or who simply compromise your organization’s data security through carelessness or lack of training.

bulletproof

SMEs and the cyber security challenge

EasyJet, CapitalOne, British Airways and Marriott are all huge companies with equally large budgets. Another thing they have in common is they all fell victim to a serious data breach, costing them hundreds of millions of pounds. If the major players with a lot of resources to devote to cyber security still get hacked, do SMEs with limited budgets stand a chance? It’s a dramatic question, so let’s explore the answer.

logsign

Types of Wireless Network Attacks

Wireless networks have become an integral part of how we conduct our businesses. They ease many processes and help us get rid of the clutter caused by hundreds of wires, yet keeping wireless networks safe poses some challenges. Wireless technologies offer convenient solutions to our needs. They are practical and fast; moreover, they set us free of the clutter caused by wires and cables. On the other hand, it is no secret that wireless networks are more vulnerable to attacks and intruders.

egnyte

Executive Roundtable: 5 Key Strategies for Leading Through the Next 6 Months

The COVID-19 crisis has been a test of management and leadership. Recent weeks have seen business leaders grappling with the dramatic upheaval to normal business operations and the corresponding changes to managing people and maintaining productivity. But as companies emerge from shelter-in-place, the question of “what does it take to lead a business through the recovery phase?” is on every leader’s mind.

alienvault

Why right now is the best time to assess your cyber response to COVID-19

The initial response to the COVID-19 pandemic put cybersecurity programs to the test. While organizations quickly rolled out business continuity plans to transition workers from the office to the home and to migrate business online to keep customers and supply chains moving, cybersecurity leaders have worked to help keep the business protected from an onslaught of cyber threats designed to prey on the disruption and uncertainty caused by COVID-19.

tripwire

Amazon Web Services Mitigated a 2.3 Tbps DDoS Attack

Amazon Web Services (AWS) said that it mitigated a distributed denial-of-service (DDoS) attack with a volume of 2.3 Tbps. In its “Threat Landscape Report – Q1 2020,” AWS Shield revealed that its team members had spent several days responding to this particular network volumetric DDoS attack. In Q1 2020, a known UDP reflection vector, CLDAP reflection, was observed with a previously unseen volume of 2.3 Tbps.

tripwire

Copied master key forces South African bank to replace 12 million cards

Fraudsters stole more than $3.2 million from the banking division of South Africa’s post office, after – in a catastrophic breach of security – employees printed out the bank’s master key. According to South African media reports, the security breach occurred in December 2018 when a copy of Postbank’s digital master key was printed out at a data center in Pretoria.

reciprocity

How to Adjust Business Continuity Plans for COVID-19

Your business continuity planning (BCP) and disaster recovery (DR) and response plans may not suffice for the COVID-19 pandemic—or for any pandemic. Let’s face it: Many organizations found themselves woefully unprepared to deal with the effects of the novel coronavirus’s rapid, devastating spread. Many are still struggling.

netskope

The Internet is Broken - So We Built an Alternative

You’ve probably heard at one point or another the cliché that the internet is broken. It’s no secret that the underlying infrastructure that businesses around the world use to access cloud applications and data is flawed and wasn’t built with today’s scale in mind. That puts IT security leaders in a tough position because there’s a penalty for deploying security tools, in the form of increased latency.

Monitoring A Hybrid Workforce, The New Norm

Before Covid-19, there were many reasons why employees worked remotely. For some, it was about removing distractions, and for others, it was about maintaining a healthy work-life balance. But as the world starts to reopen, companies now need to decide whether they continue to allow employees to work remotely or not. According to SHRM, 50% of companies recently surveyed intend to keep offering a hybrid work arrangement, which means that organizations will need to find ways to monitor and manage employees while they’re in the office or at home.
The benefits and challenges of a hybrid workforce
Gauging employee productivity and engagement using technology
How remote monitoring tools can provide metrics for companies of all sizes

cygilant

Introducing the "Working From Home - The New Norm" Blog Series

I am not normally a work from home kind of person. Working from home for me was always due to a physical constraint of needing to be at home for something – accepting a parcel that had to be signed for, or having a workman round to fix the oven, that kind of thing. Other than that, I much preferred to be in the office, since I love being part of a team and I like having the team in the office with me.

WhiteSource

Static Application Security Testing: SAST Basics

Static Application Security Testing (SAST) has been a central part of application security efforts for the past 15 years. Considering Forrester’s recent State Of Application Security Report, 2020 prediction that application vulnerabilities will continue to be the most common external attack method, it’s safe to say that SAST will be in use for the foreseeable future.

teleport

SCP - Familiar, Simple, Insecure, and Slow

SCP? It’s that handy file-transfer feature of SSH, right? Well, not quite. It’s more of a hack. Or an undocumented, unstandardized mashup of two protocols. Let’s look at the exciting (and scary) details. Secure Copy Protocol (SCP) allows us to move files (and directories) between two computers. Using it is straightforward: This will copy local_file.txt to another computer (usually a server) with domain name remote_host into the /home directory.

tripwire

The COVID-19 Pandemic Dominates the Cybersecurity World

Cybersecurity is not a static world. You can say that it is a social system, it affects and is affected by its surrounding environment. For example, back in 2018, it was the GDPR that shook the foundations of security and privacy by making the protection of our personal data a fundamental human right. But that was then. What is shaping today’s cybersecurity? This is the question that the Infosecurity Magazine State of Cybersecurity 2020 report investigates.

ekran

8 Best Practices of Privileged User Monitoring

Privileged users are an essential part of any organization. They know all the biggest company secrets and have access to the most vulnerable parts of the corporate network. At the same time, the 2019 Verizon Data Breach Investigations Report [PDF] names privilege abuse as the leading cause of data breaches within the category of misuse. The more privileges are assigned to a user, the closer they should be monitored.

cygilant

ACET During the Coronavirus: Then and Now

The coronavirus pandemic has forced both credit unions and the National Credit Union Administration (NCUA) to adjust how they do business. The NCUA published a statement (updated on May 15, 2020) noting that it recognizes that COVID-19 will affect credit unions and their members to varying degrees, yet remains committed to ensuring compliance and reporting mandates for credit unions.

detectify

Detectify security updates for 17 June

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentiality agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

zeronorth

Week Two Featuring Research From Forrester: What Happens When Application Security Becomes Continuous?

How secure are the software applications within your organization? Think about it. Were they fully secure a month ago? How about yesterday? Maybe you’re not sure. Regardless of how you answer these questions, what you really need to consider is—how secure are your applications, right now, at this very moment? We learned last week, it’s never too early to think about application security.

Veracode Security Labs: Hands-On Training To Shift Application Security Knowledge Left - Demo

Veracode Security Labs shifts application security knowledge left, training developers to tackle modern threats in the evolving cybersecurity landscape by exploiting and patching real code, and applying DevSecOps principles to deliver secure code on time. Through hands-on labs that use modern web apps written in your chosen languages, developers learn the skills and strategies that are directly applicable to an organization's code. With detailed progress reporting, email assignments, and a leaderboard, developers are encouraged to continuously level up their secure coding skills. When development is empowered to fix security defects and reduce risk, security teams are better supported to scale AppSec programs, meet compliance requirements, and achieve business outcomes.

logsign

What are the Benefits of a Security Risk Assessment?

Being an important part of cyber security practices, security risk assessment protects your organization from intruders, attackers and cyber criminals. In this article, we will discuss what it is and what benefits it offers. A significant portion of our business processes heavily rely on Internet technologies. That is why cyber security is a very important practice for all organizations. Making up a crucial part of cyber security, security risk assessment is a topic that must not be overlooked.

nnt

How to Move from Compliance to Risk-Based Security

As technology continues to evolve, so does the potential for cybersecurity risks, and just as the technology industry is showing no signs of slowing down development, neither are cybercriminals. Unfortunately for adopters of advanced technologies, the 2020 Thales Data Threat Report – Global Edition reveals that the more digitally transformed an organization is, the more likely the company is to be breached.

sqreen

Introducing "Preventing ATOs: How to Identify and Defend Against Account Takeover Attacks"

Account takeover attacks (ATOs) are an important vector to consider as you evolve your security strategy. When bad actors take over your legitimate user accounts, they’re able to steal customer data, commit fraud, and gain a wider attack surface within your application. To help companies better understand and protect against ATOs, we’ve put together a new ATO whitepaper.

alienvault

Cybersecurity for small business supply chain management

Small businesses are significant contributors to the economy. According to the U.S. Small Business Administration, they generate approximately 44% of the gross domestic product (GDP) in the U.S. However, small to medium enterprises (SMEs) are also frequently more vulnerable to the threats of our contemporary digital landscape.

siemplify

8 Best Practices for Secure Remote Work Access

As more and more employees have transitioned to working remotely, the cybersecurity threats that their organizations face have changed. While remote work offers many benefits to companies, it presents special security challenges that are not present in traditional office environments. This post identifies those challenges, explains how they change the nature of cybersecurity requirements and offers tips on how to secure remote access.

GDPR Compliance with Netwrix solutions

Netwrix helps organizations prepare for GDPR compliance audits and ensure the security of the personal data of EU citizens. Learn more at netwrix.com/gdpr. How can you spare yourself tons of stress in audit preparation, avoid being the next GDPR breach headline and keep your customers in the EU? Netwrix can help you secure the data you store about EU citizens, uphold their rights and prove your compliance to auditors.

upguard

Cybersecurity Risk Assessment Tools You Can Rely on Year-round

Traditional cybersecurity risk management remediation efforts start with cybersecurity risk assessments and penetration testing. This commonly involved outsourcing to a consultant who would offer the assessment as a standalone service or as part of a larger risk management program. The issue is cyber risk assessments offered by third-parties only provide a point-in-time assessment of your (or your vendor's) security controls, an inaccurate measure of the true level of risk.

veriato

Two-Years Later: The Current State of GDPR & its Impact on Businesses

In April 2016, European legislators passed the General Data Protection Regulation (GDPR) and announced that it would become enforceable in May 2018. With less than 24 months to get their acts together and avoid hefty fines, organizations scrambled to prepare for compliance. Data breaches have unfortunately become the norm over recent years, and the legislation was formed to better regulate and hold these companies accountable for protecting individual privacy rights.

bearer

How Rust Lets Us Monitor 30k API calls/min

At Bearer, we are a polyglot engineering team. Both in spoken languages and programming languages. Our stack is made up of services written in Node.js, Ruby, Elixir, and a handful of others in addition to all the languages our agent library supports. Like most teams, we balance using the right tool for the job with using the right tool for the time. Recently, we reached a limitation in one of our services that led us to transition that service from Node.js to Rust.

rezilion

Vulnerability Prioritization: How to mitigate more risk with half the effort

Vulnerability management is the process of finding, assessing, remediating and mitigating security weaknesses. The vulnerability management process has as one of its main phases the vulnerability assessment, the step where vulnerabilities in the assets in scope are identified.

alienvault

Cybersecurity in education: Securing schools as they transition to online learning

Whether they were prepared for it or not, schools around the world have been forced to adopt an online learning model for students thanks to the COVID-19 pandemic. One of the biggest concerns educators need to have in this situation is exactly how to create a fully secure remote learning environment in order to keep sensitive information for both the schools and individual students safe from hackers.

upguard

9 Ways to Prevent Third-Party Data Breaches

The increasing number of third-party data breaches and the sensitive information they expose have negatively impacted consumer trust. Third-party breaches occur when sensitive data is stolen from a third-party vendor or when their systems are used to access and steal sensitive information stored on your systems. In today's interconnected economy, companies rely on third-parties.

logsign

What is P3P Policy and How Does it Work?

Simply put, P3P helps websites to inform their visitors regarding their privacy practices in a standard format. In this article, we will explain what P3P policy includes and how it is useful for your organization. As of today, we all use internet technologies on a daily basis. We read news, view pictures, acquire information, connect with our loved ones, conduct our business processes, do shopping and much more on the internet. For all these purposes, we visit websites.

idcentral

M-Shwari: A window into the future of micro credit

Micro credit is one of those financial offerings which resides at the rare confluence of societal benefit and profit motive. The impact of microcredit availability on self employment, children’s education, sanitation, poverty reduction and women empowerment has been the subject of countless studies.

tripwire

Building on the IAM Benefits of SSO with MFA and Privileged Access Management

In part one of this post, we talked about why identity access management (IAM) is important. In that discussion, we identified three types of IAM: We discussed the different types of single sign on and some examples of what can be used to help streamline the user experience. Let’s now discuss how you can pair single sign on with the other two types of identity access management.

tripwire

The Importance of Implementing an Information Security Policy That Everyone Understands

Information security (IS) and/or cybersecurity (cyber) are more than just technical terms. They’re the processes, practices and policy that involve people, services, hardware, and data. In particular, IS covers how people approach situations and whether they are considering the “what if’s” of malicious actors, accidental misuse, etc. I’m not sure about your operations teams, but no one in any of mine, myself included, were able to read minds.

zeronorth

Sick and Tired of Struggling With Application Security?

A recent report from analyst firm ESG highlighted the following statistic: 61% of organizations only secure half of their applications with some form of testing tool, which means many go unscanned altogether. Not confidence-inducing. And given the severity of the cyber threat landscape, application security (AppSec) is critical. This stat demonstrates how organizations are struggling to ramp up their security programs, and secure their applications.

siemplify

How SOAR Can Take Your Security Budget Further in Turbulent Times

When stay-at-home orders came down for much of the world in March, few businesses were spared the consequences of trying to operate amid a global pandemic, from personal loss and abrupt layoffs to revenue declines and logistical hardships. Of course, budgets have also been impacted, and facing the same indiscriminate fate, no individual department has been spared, including cybersecurity.

Outpost24 webinar: Improve Your Organization's Security With Red Teaming

Security assessments can be performed in many ways, depending on your organization’s maturity level and goals. Whilst vulnerability scanning can help to identify security flaws on a broader scope and penetration testing can conclude the risk level of vulnerabilities discovered, if you need to understand the full picture of your organization’s security awareness and readiness, a scenario-based Red Teaming Assessment (RTA) is the best way to assess the effectiveness of your defence mechanism from a hacker’s view.

Outpost24 webinar - Why security perfection is the enemy of DevSecOps

Striving for total security is like searching for the holy grail: the chase is real, but mostly in vain. By spending too much time discovering vulnerabilities and fixing issues, it often leads to the dire consequences of missing delivery deadlines, crippling the development team’s ability to move forward and capture market opportunity.

logsign

What is Encapsulating Security Payload in Network Security?

Being one of the most popular tools used in network security, Encapsulating Security Payload (abbreviated as ESP) offers the help we need in keeping the integrity, authenticity and confidentiality of the information we send across networks. Keep reading to learn more! With technological advancements, the way we conduct our business processes has changed immensely. Now, we rely heavily on internet technologies and transfer massive amounts of data daily.

alienvault

Bluetooth security risks explained

What would we do without Bluetooth these days? Our earbuds and headphones would have to use annoying wires. We would have one less way to transfer files between your laptop and your phone. And how would you connect your phone to your car? But as a wireless data transfer standard, of course Bluetooth has some associated cybersecurity risks.

bearer

Can API Governance Help with Third-party APIs?

APIs are everywhere within your organization. Many may be internal, but we’re willing to bet there are many third-party web services and APIs that your business depends on too. Keeping track of them all, and ensuring that your team chooses the best APIs for their needs can be a challenge. In some cases, your organization may be using an API they don’t even know about. The solution to this “web of APIs” is to apply the concept of API governance to your API dependencies.

WhiteSource

CI/CD and the Promise of Agile Transformation

Continuous integration/continuous delivery, more commonly known as CI/CD, promises to help software companies become more agile by delivering software faster and more reliably. The goal of CI/CD is to reduce software development and delivery timelines from months or weeks down to days or even hours. It does this by pushing frequent updates and fixes regardless of size and using automation tools to help the process run smoothly.

styra

Open Policy Agent user survey validates need for cloud native authz

We recently surveyed the Open Policy Agent (OPA) community to gauge use case adoption, pain points and generally help guide the project. The recent survey results reflect how much the community has grown over the past year. This time we received 204 responses from over 150 organizations across North America, Europe, Asia, Australia and Africa. Over 90% of respondents indicated they are in some stage of OPA adoption (e.g., pre-production, production, etc.).

egnyte

The Fundamental Steps Every IT Admin Must Take to Prevent Ransomware

For enterprises that have at least some part of their IT environment in the cloud, the key to protecting data starts with understanding the layers of the cloud stack and their corresponding security risks. Each layer has its own unique threat potential, and when IT teams understand how data transacts at each layer, they can take appropriate measures to safeguard against those threats. One of the most common is ransomware.

alienvault

Are airports and airlines prepared for cyber threats post COVID-19?

The COVID-19 pandemic has unveiled numerous vulnerabilities and shortcomings in the airline industry. What’s worse for aviation in particular over other industries is how airports have essentially served as the portal for the virus traveling from one country to another across the globe. As a result of severe travel restrictions implemented by nearly every country, airline companies have been hit hard and forced into a dire financial situation.

tripwire

The MITRE ATT&CK Framework: Command and Control

Most malware these days has some level of Command and Control. This can be to exfiltrate data, tell the malware what instructions to execute next, or download encryption keys in the case of ransomware. In each case of command and control, the attacker is accessing the network from a remote location. Having insight into what is happening on the network is going to be crucial in addressing these techniques.

siemplify

We've SOARed and SOARed, and Now We've Reached the Cloud

Today marks a big day for Siemplify with the official launch of Siemplify Cloud – the cloud-native security operations platform that is designed for rapid time to value and today’s hybrid networks. As an innovator and the leading independent and vendor-agnostic SOAR provider, we’re proud to lead the pack with a true cloud-native offering that finally makes SOAR accessible for organizations of all sizes.

Netwrix Data Classification - Overview

Netwrix Data Classification is a software platform that helps you solve your most critical data security, content optimization and compliance needs, regardless of where your data is located. Every day employees produce tons of data. This skyrocketing data growth causes problems across the organization. Users can’t find the documents they need. Sensitive files get placed on public shares. Data storages reach their limits. It’s harder and harder for you to satisfy requests from your legal and compliance departments. Don’t let this pressure get a hold.

redscan

A guide to penetration testing for compliance

In many cases, penetration testing – a type of ethical hacking engagement designed to identify and address security vulnerabilities in networks, systems and applications – is required. Sometimes this requirement is specified directly, while in other cases it is implied by a need to build audit or assessment processes to mitigate cyber risk. This blog identifies some of the most common pen testing standards and regulations and provides guidance about the type of testing required.

upguard

The Top Cybersecurity Websites and Blogs of 2020

The information security landscape is constantly evolving, which is why it's so important to stay up to date with the latest trends, threats, and advancements. Given that a Google search for cybersecurity websites produces millions of results, we thought we'd compile a list of the best. Adam Shostack & friends is a group blog on security, liberty, privacy, and economics.

Veriato Vision Intro and Demo

Veriato Vision employee monitoring software lets you record and track all of your employees' activity... so you’ll know if they are working hard or hardly working. Vision gives you granular control over what activities and programs you monitor. Once the Vision software is deployed on the company's PCs, Macs, and Androids, you can remotely monitor by the department, group, or individual. Additionally, you can monitor employees that are off-network or working remotely.

zeronorth

Week One Featuring Research From Forrester: It's Never Too Early in Development for Application Security

Forrester recently analyzed the current application security landscape, along with the program plans of global organizations for the next 12 months. Their independent research report, The State Of Application Security, 2020, delivers valuable insights for security and development teams on the critical need to integrate application security testing early in the software development cycle (SDLC) to mitigate risk.

stackrox

Securing Namely's Sensitive HR and Payroll Data on Amazon EKS

When you’re managing the distribution of people’s paychecks, you’ve got a high bar to meet on security. So for Namely, whose SaaS application supports payroll, people management, compliance and tax, and team collaboration for hundreds of thousands of users, security has been a priority from Day 1. The move to a microservices architecture, however, drove the need for a whole new approach to security.

siemplify

Preventing Data Exfiltration: Definition, Examples and Best Practices

As one of the biggest threats to data security, data exfiltration has the potential to result in devastating outcomes for organizations. From significant financial loss to regulatory compliance violations to sensitive asset leaks, data exfiltration is a critical business risk. Although it may seem difficult, preventing data exfiltration is possible with the right security strategies.

upguard

What Is Third-Party Risk Management?

Third-party risk management (TPRM) is the process of analyzing and minimizing risks associated with outsourcing to third-party vendors or service providers. This is commonly known as third-party risk or vendor risk and can include financial, environmental, reputational, and security risks due to a vendor's access to intellectual property, sensitive data, personally identifiable information (PII), and protected health information (PHI).

synopsys

How to get compliance audit training in the new virtual workplace

As many businesses have begun to work almost entirely remotely until an as-yet-to-be-determined date, they have had to plan for activities that took place largely in person in the past. For example, many compliance audits have gone virtual in these times of uncertainty. This shift has forced organizations to adjust how they prepare and plan. But even in these times of uncertainty, it is your organization’s responsibility to stay sharp and on track with security knowledge, planning, and response.

nnt

How to Detect Open Ports, Protocols and Services

IT services rely on an individual port assigned to them in order to receive and transmit information. It is therefore imperative that an organization keeps track of which ports are open within its IT environment, the function of each port and what services it’s associated with. Detecting and disabling unwanted ports is part of an ongoing hardening process.

devo

A Checklist for Effective Threat Hunting Tools

Threat hunting is one of the most critical activities performed by SOC teams. Once an alert triggers and a tier-1 analyst assesses it and sends it up the line for further evaluation by a more senior analyst, the race is on. Hunting down the threat as quickly as possible, before it can wreak havoc on the organization, becomes the top priority.

alienvault

Stories from the SOC - detecting network anomalies with OTX

This Investigation was initiated on the basis of several Network Anomaly alarms triggered by ongoing suspicious activity on an employee device owned by a financial institution. During the discovery phase of the Investigation, we identified abnormal egress traffic to a known Indicator of Compromise (IOC) based on intelligence from the Open Threat Exchange™ (OTX®).

tripwire

How ExpertOps Can Help You Address the Infosec Skills Gap

Are you struggling to hire skilled digital security talent in 2020? If so, you’re not alone. According to a Tripwire study on the infosec skills gap, 82% of security experts said that their teams were understaffed; nearly the same proportion (83%) indicated that they were feeling more overworked going into 2020 than they were a year prior.

netwrix

Managing Microsoft Teams Using PowerShell

Microsoft Teams can be managed through its Admin Center, using PowerShell or via the Graph API. In this article, you will learn the most common cmdlets to manage Microsoft Teams communication and collaboration for your organization. Before you start, check which Microsoft Teams administrator role you have, because access to different cmdlets depends on the role you are assigned in Azure Active Directory (Azure AD).

sqreen

Some great open-source security tools you should know

As the number of web applications grows and the digital world becomes more advanced, hacking activities have also become more sophisticated. To keep up with all those hacking activities, many new security tools have been developed to help organizations detect vulnerabilities before hackers do. Often, those tools are fairly expensive. This discourages many organizations who are on a tighter budget from investing in security tools. Luckily, the open-source (OS) community can help us.

egnyte

6 Ways Ransomware Attackers Steal Your Data, And How IT Admins Can Stop Them

As companies invest in stronger firewalls and better IT infrastructure, brute force attacks have become harder to pull off. That’s the good news. The bad news is that hackers, in turn, have found new ways of wreaking havoc. The increasing use of ransomware as a weapon is a prime example of this. Through phishing or stolen passwords, a ransomware attack can sabotage a company’s most valuable asset, its content, without being detected.

tripwire

Three New Ways Tripwire Enterprise Can Help Monitor Ephemeral Assets in Dynamic Cloud Environments

Moving applications and infrastructure to the cloud offers a degree of flexibility and scalability that can be a boon to almost any organization. Having continuous software and asset availability in cloud environments with elastic, as-needed infrastructure is extremely valuable. Sharing security responsibilities with a cloud service provider can even unburden security and IT teams to a degree.

tripwire

Final Version of NIST SP 1800-23 Guides Identification of Threats to OT Assets

In September 2019, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) announced the release of a draft practice guide entitled, “NIST Special Publication (SP) 1800-23: Energy Sector Asset Management.” The NCCoE spent the next two months collecting comments from the public to improve their guide. They then used this feedback to improve upon their initial draft. But the wait is finally over.

netacea

How Are Bots Affecting Streaming Services?

Recently, it has been reported that Netflix has gained 16 million new sign-ups due to lockdown. This is no surprise with more people than ever being at home as a result of COVID-19. Streaming services are in high demand, which means increased sign-ups, and more customers signing up increases the probability of account takeover attacks and fake account creation. With the current demand being so high for streaming services, we look into the main threats streaming services could face.

veriato

Protect Your Business with Digital Forensics Software

The world has been moving toward a fully connected workplace model for years, even prior to COVID-19. Now, understanding your company’s digital presence - and footprint - is more important than ever. Everything you or your employees do online could have lasting consequences for you, your employees, and your brand. Digital forensics provides you with a concrete, analytical way to investigate personnel claims and provide the necessary evidence to properly assess internal issues.

zeronorth

It's Time to Stop Waiting for Application Security to Find You

If software is the gooey center of the business world, what can we do to harden it? As a CISO, business manager, industry professional or anyone else interested in keeping applications and infrastructure secure, what can you do to stay current and competitive in the quest for successful digital transformation? It’s no secret that developing, deploying and continuously updating vulnerability-free code is a daunting task.

logsign

What are Authentication Protocols in Cryptography?

Keeping information safe is an ongoing battle and authentication protocols are among our best friends in this fight. Keep reading to learn more! In today’s world, information is one of the most important and valuable assets that an organization can have. That is why keeping sensitive and private information away from prying eyes has the utmost importance. For this purpose, we often employ authentication protocols and cryptography methods.

stackrox

Mitigating CVE-2020-10749 in Kubernetes Environments

A vulnerability that might enable a man-in-the-middle attack on Kubernetes clusters, CVE-2020-10749, was disclosed a few days ago. This vulnerability is not in Kubernetes itself but rather in certain container networking implementations – IPv4-only clusters using affected implementations are vulnerable. The vulnerability allows for man-in-the-middle (MITM) attacks, where an attacker can intercept network traffic to a pod in a Kubernetes cluster and impersonate it to clients.

alienvault

Keeping kids safe online

As we all know by now, the Internet is an excellent tool for business, learning, and entertainment. Not only is it a tool, but it's also an essential part of our lives. Information, connections, and opportunities at the touch or swipe of a finger. As more and more people go online, the age of the average user becomes lower and lower. What is the responsibility we have to safeguard the wellbeing of those that come after us into this new digital age?

tripwire

Why NHS, UK Healthcare Orgs Need to Boost Their Security in Age of COVID-19

All National Health Service (NHS) and social care organisations in the United Kingdom have always been and will always be a target for bad actors. The nature of their business and the sensitive data they hold make these entities appealing to bad actors who know that legacy systems and/or not regularly patched systems, such as those employed by healthcare organizations, are easy to penetrate.

tripwire

The scammer who tried to launder over $500,000 through Business Email Compromise

A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies out of hundreds of thousands of dollars. Kenenty Hwan Kim (who sometimes went by the name Myung Kim) took advantage of a simple trick that has proven highly effective to fraudsters in recent years. The method of tricking businesses into handing over large amounts of money is known as Business Email Compromise (BEC), and comes in a variety of flavours.

reciprocity

How the COSO Framework Helps You Comply with SOX

In May 2013, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its updated Internal Control-Integrated Framework. COSO is an organization that aims to improve organizational performance and corporate governance through effective internal control, enterprise risk management, and fraud deterrence.

SOC Quarantine Diaries: Nick Percoco, CISO of Kraken, on the Crypto Exchange's "Productive Paranoia"

Episode 3: So what's it like to be at the helm of the cybersecurity division of a cryptocurrency exchange? It's a question we couldn't ask as recently as a decade ago, but now we can -- and we did with Nick Percoco, CISO of Kraken. Nick discusses responding to threats, building a security culture and evolving in a work-from-home world.

upguard

What Is an Insider Threat? Definition, Examples, and Mitigations

An insider threat is a threat to an organization that comes from negligent or malicious insiders, such as employees, former employees, contractors, third-party vendors, or business partners, who have inside information about cybersecurity practices, sensitive data, and computer systems.

Welcome to Cygilant, Cybersecurity-as-a-Service, made affordable and personable.

We are your cyber partner. We are not here to throw alerts over the wall and hope for the best. We are here to be your true partner, one that knows you, your team, your business and maybe even your family. We take the utmost pride in our experts that have your back and allow you to focus on your job. Because your job is not easy. And, we get that.

zeronorth

What Does Successful Vulnerability Discovery Look Like?

If you’re developing software, you need quality assurance (QA) and you need a way to manage vulnerability discovery. These are two distinctly different streams. QA focuses on bugs or problems which cause things to break or prevent functionality from behaving the way it’s meant to. The QA process tests the software to ensure all features are working properly. You’re following a defined requirements list, making it a bounded exercise. This isn’t to say the QA process is easy.

WhiteSource

June 2020 Open Source Security Vulnerabilities Snapshot

It’s time for June’s open source vulnerabilities snapshot, your monthly overview of everything new in the fast-paced world of open source security vulnerabilities. In hopes of giving you this month-at-a-glance summary of current trends in the open source ecosystem, our trusted research team reviewed the new open source security vulnerabilities published in May and collected by the WhiteSource database.

spambrella

What is LNKR Google Chrome Extension Malware?

LNKR malware uses browser extensions in Google's Chrome to track browsing movements and activities of users and then overlays ads on legitimate websites. Using extensions to add code that executes in a user’s browser is a common and lucrative monetization technique on the internet, where spyware, adware, and other browser-based nuisances have thrived since the early days.

egnyte

The Future is Flexibility: How IT Leaders Are Moving Forward

When organizations around the world began shifting their workforces in response to the COVID-19 crisis, the question on everyone’s mind was “When will things go back to normal?” When social media giant Twitter announced it would be allowing employees to work remotely permanently, the conversation took a quick shift: Forget normal, are traditional offices gone for good?

egnyte

Better Together: Integrations to Make "Work Anywhere" Work

The nature of work these days is collaborative. Teams that work together get more done. But successful collaboration in business goes beyond people; it applies to the tools teams use to get their work done. Never has this been more true than now with the global pandemic that has shut most offices down and led to widespread remote-work situations for employees.

alienvault

Stories from the SOC - SSH Brute Force Authentication Attempt

Ervin McBride IV – TDP Engineer II contributed to this article. Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.

siemplify

Kraken CISO Nick Percoco on the Crypto Exchange's "Productive Paranoia" and the Future of Protecting Home Networks (Video)

Episode 3 of SOC Quarantine Diaries catches up with veteran security mind Nick Percoco, whose renowned career has seen him go from pen tester to research lab founder to CISO of two companies. As the current security chief for popular digital currency exchange Kraken, Percoco is not only confronting the unique challenges of safeguarding a crypto platform – several of which have faced devastating breaches in recent years – but also ensuring their millions of customers are protect

upguard

What Is the Cyber Kill Chain and How to Use It Effectively

You're probably familiar with the defense-in-depth or castle and moat approach to cybersecurity. It remains a common model that organizations use to think through their information security. However, as organizations have matured they have sought out new models to enable them to better understand how cyber attackers operate and how best to defend against them.

bearer

How to Listen for Webhooks with Python

Webhooks run a large portion of the "magic" that happens between applications. They are sometimes called reverse APIs, callbacks, and even notifications. Many services, such as SendGrid, Stripe, Slack, and GitHub use events to send webhooks as part of their API. This allows your application to listen for events and perform actions when they happen. In a previous article, we looked at how to consume webhooks with Node.js and Express.

logsign

Authentication Header in Network Security

Ensuring authentication is one of the pillars of cyber security. That is why the authentication header is one of the crucial practices. In this article, we will explain what the authentication header is and how it can be useful for your organization. Almost every cyber security and/or information security expert knows about the famous CIA triad: Confidentiality, Integrity and Availability. These three constitute the pillars of data security.

nnt

Cybersecurity Threats Facing the Technology Industry

As companies face increasingly sophisticated cyber threats, they often turn to technology solutions to help protect their data and systems from attacks. But what happens when your company is in the technology industry? Cyberattacks are increasingly targeting technology companies who often store and handle significant amounts of sensitive data, including personally identifiable information and intellectual property on behalf of their customers.

spambrella

The Email Laundry End of Life?...

June 1st 2020: FireEye end of life The Email Laundry email security service. This comes as a surprise to many as FireEye acquired The Email Laundry back in 2017 and seemingly had plans to greatly expand the service. The Email Laundry serviced MSPs and small organizations whereas FireEye had a concerted desire and history servicing Enterprise businesses. This may be why FireEye decided to exit the SME Email Security service market.

teleport

VPNs and Zero Trust: Thoughts on the Evolving Nature of Remote Access

Organizations of all sizes are currently under siege by adversaries with unlimited time and enough technical skill to exploit the cracks in our information systems and networks. All organizations have something to protect, whether large or small, and they are always looking for new technology to help against these adversaries. Zero Trust has become the latest framework to solve all of our security woes.

alienvault

Threat hunting explained

The process of threat hunting involves proactively searching for malware or attackers that are hiding within a network. Rather than simply relying on security solutions or services to detect threats, threat hunting is a predictive element to a layered security strategy, empowering organizations to go on the offensive looking for threats.

tripwire

Contact Tracing: De-mystifying How an App Designed to Track People Can Ensure User Privacy and Security

Many governments in many countries around the world recognise that contact tracing plays a very important part in reducing the spread of the deadly disease, COVID-19. In this article, we take a look at the conventional method of contact tracing and compare it against how technology helps contact tracing, along with its pros and cons.

siemplify

Looks Can Be Deceiving: Context and the New Normative in Log and Event Analysis

(The following is a guest post written by Alissa Knight, an ethical hacker, entrepreneur and author.) Is your SIEM or SOAR tool capable of contextual awareness? When a detection system is able to apply context to decisions, it’s taking its situational awareness of the environment, such as its understanding of entities and users, and improving the accuracy of its decisions at the time the decision is made.

reciprocity

What are the Elements of an Integrated Risk Management System?

Integrated risk management (IRM) is “a set of practices and processes supported by a risk-aware culture and enabling technologies that improve decision making and performance through an integrated view of how well an organization manages its unique set of risks,” according to research firm Gartner Inc.

netacea

Uncovering Bots in eCommerce Part 3: What Sets Scraper Bots Apart?

Web scraping uses bots to collect large amounts of data from websites. Quite simply to extract content and data from a website. Data that’s publicly available. The scraper bot can then duplicate entire website content elsewhere. Scraper bots, most of the time, are not always bad. Bots are constantly at work behind the scenes making our digital lives run smoothly. They are usually looking for information that you are freely giving to your website’s visitors.

redscan

Redscan ThreatDetect Highly Commended at SC Awards 2020

Chosen from a final shortlist of five companies, ThreatDetect was selected for service excellence and, in the words of the judges, for helping organisations ‘to reduce mean time to detect and respond to threats from months to minutes’. “We are delighted to have been recognised in the SC Awards for four consecutive years,” said Redscan’s Product Marketing Director, Simon Monahan.

upguard

What is an SMB Port + Ports 445 and 139 Explained

The Server Message Block Protocol (SMB Protocol) is a client-server communication protocol used for sharing access to files, printers, serial ports, and data on a network. It can also carry transaction protocols for authenticated inter-process communication. In short, the SMB protocol is a way for computers to talk to each other. SMB works through a client-server approach, where a client makes specific requests and the server responds accordingly. This is known as a response-request protocol.

ekran

Increase Employee Productivity with User Activity Monitoring

High employee productivity is vital for your business’s success. Yet only 34% of US employees are engaged with their work (and 13% are actively disengaged) according to a 2018 poll by Gallup. But the productivity of even the most engaged employees tends to decrease over time. Workers require constant support to stay productive. This is especially important when dealing with remote employees, as they aren’t within their manager’s eyesight and have lots of domestic distractions.

AppSec: Pushing Left, Like A Boss

With incident response and penetration testing currently receiving most of our application security dollars, it would appear that industry has decided to treat the symptom instead of the disease. “Pushing left” refers to starting security earlier in the SDLC; addressing the problem throughout the process. From scanning your code with a vulnerability scanner to red team exercises, developer education programs and bug bounties, this talk will show you how to ‘push left’, like a boss.

stackrox

What's New in Istio 1.6? New Features and Capabilities

The Istio service mesh continues its quarterly release cadence with version 1.6. After major changes in release 1.5 to the control plane architecture, notably moving from a set of microservices to a monolithic Istiod service, and the introduction of a new, unified model for extending Istio and its Envoy proxies using WebAssembly, Istio 1.6 may seem tame in comparison, but it still offers a large number of smaller enhancements with a focus on operability. We will look at several of the highlights.

stackrox

EKS vs GKE vs AKS - June 2020 Update

In February, we published an article providing side-by-side comparison between the managed Kubernetes offerings of the three largest cloud providers: Amazon’s Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). The Kubernetes ecosystem changes rapidly, as do the feature sets of these managed platforms. This post covers important updates to these services made since our original comparison and our April and May updates.

alienvault

Top Cybersecurity threats For seniors

There are around 39.5 million people in the U.S. aged over 65, and a high percentage of them, particularly women (nearly 40%) live alone. Living alone makes seniors more reliant on technology, which can be a savior (think Zoom, Skype and other communication-centered technology) as well as a threat (from phishing to fake antivirus software and bitcoin scams). Are seniors more vulnerable to cybersecurity threats, and if so, what can be done to reduce their risks?

tripwire

Cybersecurity Must be an Integral Part of any Pandemic Response Plan from Now On

Sometimes the best way to inform ourselves about how cybersecurity is dealing with a new threat, technology, or situation is to just ask. COVID-19, and the resulting lockdowns, quarantines and economic changes certainly counts as a ‘situation’ for cybersecurity.

upguard

116 Must-Know Data Breach Statistics for 2020

Data is rapidly becoming one of the most valuable assets in the modern world. The digital giants that monopolize data are arguably the most powerful companies in the world, prompting ongoing conversations about anti-trust legislation and digital privacy. Despite the overwhelming value controlled by these entities, as we'll see, even companies such as Facebook are vulnerable to the byproduct of the rapid move to digitization – the data breach epidemic.

spambrella

Is it time to consider leaving Symantec Email Security.cloud (MessageLabs)?

With the ever-changing email security market, is now the time to consider leaving Symantec Email Security.cloud (MessageLabs)? Broadcom’s acquisition of Symantec has already caused a trend migration away from Symantec.cloud services according to Proofpoint partner Spambrella. This article explains why Spambrella is attracting Symantec Email Security clients and also explains why you should consider moving to an alternative solution.

inetco

Exploring INETCO's Case Management Engine to Speed up Payment Fraud Investigations and Reduce False Positives

INETCO thrives on helping financial institutions deliver an amazing customer experience through optimized transaction performance, faster detection of transaction-level fraud and maximized business value from payment intelligence. Our core competency lies in our ability to decode a wide variety of payment protocols on-the-fly, making comprehensive transaction data ready for real-time analysis.

egnyte

How Two Companies Fast-Forwarded Their Work-From-Anywhere Strategy

When the coronavirus pandemic hit, companies had to close offices and transition the bulk of their employees to full-time remote working. Here, we talk to IT leaders from IK Investment Partners and Brookfield Properties about their experiences of pivoting to a fully remote environment at speed – and how they empowered people to stay productive and connected.

4 Ways to Increase Developer Buy-In of AppSec

Today, most organizations are in a race to deliver new, innovative software before their competitors. In turn, they have gone from bi-annual software releases to daily, hourly, or even by-the-minute releases. To keep up with these rapid deployments, security has had to shift from being a late-stage blocker, to an integrated part of the development process. Developers have been doing their best to implement these security measures, but since their performance is often tied to the rate of deployments, speed tends to take precedence. As a security professional, what are some steps you can take so that security doesn't take a back seat to speed?

Developers Are Taking Over AppSec

Developers across the industry are stepping up to take more responsibility for their code's vulnerability management. In this report we discuss trends in how security is shifting left to the earliest stages of development, putting the power developers in the front seat. We explore the growth of automated tools aimed at helping developers do more with fewer resources and look for answers on what is needed to help close the gap from detection to remediation.

Vulnerability Prioritization Through The Eyes Of Hackers

Software development teams are constantly bombarded with an increasingly high number of security alerts. Unfortunately, there is currently no agreed-upon strategy or a straightforward process for vulnerabilities' prioritization. This results in a lot of valuable development time wasted on assessing vulnerabilities, while the critical security issues remain unattended.