
May 2019

How to build a home IT security lab: Episode 1

Hello all and welcome to the first episode of a new blog series focused on how to prevent WordPress site hacks. In this first post of the series, I will provide videos and articles that will comprise a set of tutorials to show you the ins and outs of building a home lab that will give you the flexibility to test, hack, or learn just about anything in IT.

Monitoring Box Security with USM Anywhere

We’re proud to announce a new USM Anywhere App for Box! We use the Box Events API to track and detect detailed activity on Box. This new addition to the set of USM Apps arrives to provide an extra security layer to cloud storage services that many enterprises are outsourcing to Box. Beyond monitoring and data collection, USM offers early detection of critical events and alerting, thanks to event correlation and business intelligence.

If you confuse them, you lose them.

I was watching a wonderful webcast by Marie Forleo. It was part of her “Copy Cure” course, and if you are unfamiliar with Marie and her work, take the time to explore some of her wisdom. Her webcasts are gems, particularly if you work in the consulting space. During the webcast she mentioned a phrase that should be at the top of mind for every InfoSec professional: If you confuse them, you lose them.

The future of stock market analysis

Stock sales and trading play a huge role in the U.S. and global economy. Stock exchanges provide the backbone to the economic infrastructure of our nation, as they help companies to expand when they’re ready by offering the general public a chance to invest in company stock. However, investing in the stock market can be a gamble.

Adversary simulation with USM Anywhere

In our previous blog, we analyzed how it is possible to map malware threats using the MITRE ATT&CK™ framework. In this blog, we will test the USM Anywhere platform against red team techniques and adversary simulations. We performed this analysis as part of our continuous efforts to improve the platform’s detection effectiveness.

Critical Cyber Security features that your business needs to survive

Recent statistics show that 60% of businesses that are forced to suspend operations after a cyber-attack are never able to reopen for business. This is largely due to revenue lost during downtime as well as damage to the company’s reputation. The good news is that most of these threats can be mitigated with reliable cybersecurity. When it comes to cyberattacks, time is of the essence.

Confidence: the perception and reality of cybersecurity threats

At RSA 2019, we conducted a survey that netted 733 respondents along with interviews between Javvad Malik, former security advocate at AT&T Cybersecurity, and security experts. The full results are in his comprehensive and informative research report. Following are a few highlights.

SharePoint vulnerability exploited in the wild

AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft SharePoint (CVE-2019-0604). One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom. An earlier report by the Canadian Cyber Security Centre identified similar deployment of the tiny China Chopper web shell to gain an initial foothold.

The art of pushing left in application security

Today, software is being developed at a breakneck speed. Agile development and the aggressive adoption of DevOps are leading to an abundance of functionality and feature sets, or pieces of code pushed out to consumers at a record pace. These one-click opportunities may indeed get us what we want; however, the game remains the same. The Achilles’ heel is security vulnerabilities, regardless of technology maturity or speed of release.

What does the CISO say? A Tweetchat roundup

On 18th April 2019, @ATTCyber gathered a panel of CISOs (and recovering CISOs) for a tweetchat to discuss some of the questions that we’ve always wanted to put to senior security folk. The virtual panel consisted of Thom Langford, Quentyn Taylor, James Gosnold, Andy Rose and Raj Goel, with participation from many others. Below I’ve summed up some of the key discussion points around each question.

Don't focus 100% on security

In recent months, I have met many people who are interested in working in Cybersecurity. This is wonderful, especially given the amount of available employment opportunities in this field. Like any ambitious person, the people who approach me to ask about getting into the field want to fully immerse themselves in “all things security”. This is admirable, but I often advise them to slow down a bit, and not quit their day job.

Who's phishing in your cloud? And, some suggestions for detecting it

A comprehensive, six-month study released by Proofpoint in March reports that (oh, to our surprise) attackers are “leveraging legacy protocols and credential dumps to increase the speed and effectiveness of brute force account compromises at scale.” Yikes!! At SCALE! Threat actors design threats aiming at platforms or services which will provide the greatest ROI for them.