November 2021

Looking back at the ADSelfService Plus features and enhancements from 2021

The new year is approaching, and recapping the features and enhancements ADSelfService Plus realized in 2021 is fitting. The integrated self-service password management and multi-factor authentication (MFA) solution for Active Directory and cloud applications added many exciting new features and enhancements. In 2020, the major features released by ADSelfService Plus, like MFA for VPN and conditional access, focused on tackling the security issues that arose with the shift to remote work.

Predict Cyber-attacks via digital twins

Several of the digital twin technologies out there have grown fast in only a few years. Picture establishing a virtual model of IT infrastructure where one can identify loopholes, create attack scenarios, and prevent catastrophic attacks before the system is officially put in place. With digital twins, this is no longer a far-fetched idea for organizations. Let's learn about digital twin technology and how it can help assess the loopholes in your security posture.

What Does Sun Tzu Have to Do with XDR? More Than You Might Think!

Military general and philosopher Sun Tzu once led the largest armies in the world and authored The Art of War, still considered a masterpiece of tactical warfare and very relevant as we wage our battles against evolving cyberattacks. That’s because even though threat intelligence is a relatively new discipline in our cyber defense processes, it has actually been around for more than 2,500 years.

How To Protect Sensitive Data with Cloud DLP

A recent report from IBM found that data breach costs rose from $3.86 million to $4.24 million in 2021. This year’s estimate is the highest average total cost in the 17-year history of the IBM Cost of a Data Breach Report. Partly, the record-setting cost of a data breach has to do with the fact that so many companies are working remotely.

Holiday phishing season: Your guide to staying scam-safe

For many of us, the Thanksgiving and Christmas period is a chance for some well-deserved downtime. For cybercriminals, not so much. The holiday season is one of the most productive times of the year for the Phishing-as-a-Service (PhaaS) industry. Online retail sales spike around holidays, creating more opportunities to catch people out with phishing emails and spoofed websites.

Situational awareness for CISA FCEB playbooks

CISA recently released a set of playbooks for the Federal Civilian Executive Branch (FCEB) to provide improved cybersecurity incident response (IR) and vulnerability response. As was demonstrated by the SolarWinds SUNBURST attack in December 2020, coordination and reporting across the FCEB continues to be a challenge. Adding to this challenge is the situation where agencies have differing playbooks on how to handle confirmed malicious cyber activity where a major incident has been identified.

Fileless attacks: a cybersecurity insight to be taken into account

Hackers are highly trained cybercriminals with access to resources capable of compromising a system in an organization without being detected. And malwareless attacks – where cybercriminals access critical business networks without malware – are on the rise.

Zoom Monitoring with Tripwire Configuration Manager

Last month, we covered how Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, GCP, and other cloud-based services such as Salesforce. In this blog, we will continue our dive into cloud services and show how Tripwire Configuration Manager can monitor your Zoom environments. Zoom is a popular video telecommunications platform that has seen tremendous growth in the past few years.

Creating a Cloud Security Stack for AWS Control Tower

Co-authored by Andy Horwitz and Yuri Duchovny. Today, Netskope released a new cloud security solution to help AWS customers provide consistent security across all their AWS accounts leveraging AWS Control Tower. Many AWS Customers follow the multi-account framework as a best practice to isolate teams and workloads on the cloud. Often this may introduce overhead in terms of policy configuration and management.

Social Engineering Part 2: Sophisticated social engineering techniques

Social Engineering is a form of security fraud that relies on psychological manipulation techniques to trick people into revealing sensitive information. In the previous article in this series, we discussed what social engineering is in more detail, the social engineering lifecycle, its reliance on human error, and some of the more common social engineering techniques.

Data Protection Healthcare and Social Care | How to Store Information

The Data Protection Act is an important part of the cyber domain and legislation for anyone working in health and social care. It governs how to protect the information in health and social care. This blog post will explore the implications of the act on healthcare professionals, patients and other individuals who may have dealings with you as an organisation or individual providing care to others and the importance of protecting sensitive data in health and social care.

November Release Rollup: Dark Mode, Confidence Scores, and More

As we enter the holiday season, Egnyte is excited to share a number of updates to its platform, including user experience improvements, new governance functionality, and enhancements to search on mobile. Check out some of our top product releases for November below.

Zero Trust: Public and Private Sectors Facing Similar Risks

Kevin Kerr, Lead Security Principal Consultant at Trustwave, participated in a discussion on Zero Trust with Steve Riley, Field CTO at Netskope during SASE Week 2021. The importance of Zero Trust is derived from how it functions. Instead of focusing on protecting a physical network, a Zero Trust network works by focusing on securing the resources that reside on or have access to the network such as data, identities, and services.

Low-code is driving a tectonic shift in IT - can IT and security teams enable the business while also staying secure?

In recent years, we have witnessed a tectonic shift in the way organizations develop and maintain software. As part of this shift, IT operations are quickly getting decentralized.

Automating Container Runtime Security Scanning with Snyk

So you’re running microservices in containers? Congratulations! This is an important step towards meeting those business needs around delivering applications to the hands of your customers as soon as possible. But how can we mitigate any potential risks associated with faster software deployment while running on Kubernetes? Simple, with Snyk’s Kubernetes integration we can identify vulnerabilities in their associated images and configurations that might make those workloads less secure. Watch this video to find out how!

Java Security Tip: Sanitize user input

Java Security Quick Tip: Always sanitize user input before you display it in your web app. Displaying user input without proper validation or sanitization can lead to cross-site scripting security issues. With the OWASP Encoder library, you can escape scripts and be positive that they will not be executed in the users' browser. In this video I will answer the following questions. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for Java and many other languages.

Charts - Bar Charts

Netskope Advanced Analytics: Learn how to build and customize bar charts. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data-centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

Prepare for the next phase of work from anywhere security

What are some of the steps you take to continuously ensure data loss isn’t an issue and what can others do to stay ahead of the problem? Hear from Tom Davison, Senior Director of Security Engineering, and Nick Sears, VP Sales SASE Solutions at Lookout to find out how to keep your data secure with Lookout's SASE, CASB, and ZTNA.

Rezilion Named Launch Partner for the New, Enhanced Amazon Inspector Automated Vulnerability Assessment Service

Technology for automated, risk-based vulnerability management enhances Amazon Inspector vulnerability scan results, helping customers streamline manual security work while elevating security posture.

The ultimate Microsoft 365 management and security tool

The hybrid work environment is a significant and challenging change we have embraced in the past two years due to the pandemic. And Microsoft 365 continues to be the most commonly chosen cloud-based work suite with 50.2 million users around the world. With cloud-based products, all we need is internet connectivity. The people, files and data we work with travel with us, irrespective of where we work from. Microsoft 365 comes with a wide array of features to simplify collaboration and communication.

Using MITRE ATT&CK with threat intelligence to improve Vulnerability Management

Threat actors are constantly evolving their tactics and techniques in the attack lifecycle and infiltrating company infrastructure. While most organizations are already performing vulnerability management based on CVEs by MITRE, few have considered the powerful correlations between threat intelligence, CVEs and the ATT&CK® framework. In this blog we highlight the benefits of bringing them together to drive focused remediation and improve cyber defense.

Rising volume of email fatigue opens doors for Cybercriminals

While remote work has many benefits, it can increase the risk of employees suffering from directed attention fatigue (DAF), where they find themselves unable to focus due to constant distractions. This is due primarily to isolation and the constant bombardment of emails and instant messages. In fact, one of the most worrying types of DAF for security professionals is email fatigue.

LogSentinel XDR - A Unified Security Monitoring Platform

XDR (eXtended Detection and Response) is a new Gartner category, which, we’ve argued before, is SIEM++, or what next-gen SIEM should have been. This is why we are packaging our latest feature updates into an XDR offering that should greatly improve the detection and response capabilities of any organization, especially mid-market organizations, which gain the most benefit from integrated, easy-to-use platforms. LogSentinel XDR is a unified security monitoring and response platform.

re:Invent 2021: 10 Reasons You Need Teleport to Secure Your Apps on AWS

Teleport will be live at re:Invent from Nov. 30-Dec. 2. If you are there, please stop by Booth 718 and talk to me and the Teleport team about how we can improve your security and compliance of apps running on AWS. If you can’t make it in person, here is my top 10 list of things you should know about AWS and Teleport. Check out our Teleport on AWS page for more info.

How to prevent known exploited vulnerabilities at the endpoint

The US Cybersecurity and Infrastructure Agency (CISA) has issued a directive to federal agencies and other public bodies requiring them to take steps to reduce their risk of exploited vulnerabilities. CISA highlights the startling finding that hackers are exploiting up to 290 different vulnerabilities in these agencies.

AWS + Rezilion: A Better-Together Solution

Today we are thrilled to announce that Rezilion will be featured as one of the launch partners for Amazon Inspector security assessment service. At the same time, we are also unveiling our agentless deployment mechanism across AWS instances: a turning point in our customer experience, empowering 1-click deployment of our toolset for the world’s largest cloud computing community.

Six Python security best practices for developers

Python is a valuable programming language, but using it without proper security best practices puts applications at risk of an attack. Python is a fast, platform-agnostic, and easy-to-learn programming language that is suited for beginners and experienced developers alike. Ever since its first release in 1991, Python has had a constant presence in the computer world and has become a go-to language thanks to its easy-to-understand code and versatility.

Announcing new Sumo Logic AWS security Quick Start integrations

We’re excited to announce updates to Sumo Logic AWS Quick Start Integrations that enable customers to automate the integration of AWS Security Reference Architecture within Sumo Logic Cloud SIEM powered by AWS. The new integrations automate the collection, ingestion, and analysis of applications, infrastructure, security, and IoT data to derive actionable insights for security engineering teams.

5 Steps to Become PCI Compliant

If your organization handles any type of payment processing, storage, or transmission of credit card data electronically, you’ll be very familiar with PCI DSS (formally known as the Payment Card Industry Data Security Standard). This standard exists to protect debit and credit cardholder data from unauthorized access via data breaches, ransomware, and other security breaches. However, with the rise in these breaches also comes the rise in changes and rules to the PCI DSS.

What Is an Internal Penetration Test and How Is it Done?

A famous 2011 article by security adviser Roger Grimes is intriguingly titled, “To beat hackers, you have to think like them.” In the article, Grimes explains that IT security professionals must view IT systems through the eyes of hackers — and search for ways to break into these systems, identify weaknesses, and create robust security measures. That is exactly what penetration testing is all about.

Risk Assessments and Internal Controls

From innocent but costly mistakes to fraudulent manipulations, all organizations are subject to significant risks that can jeopardize financial reporting or lead to the loss of corporate assets. That’s why it is imperative to establish a robust system of internal controls to reduce or prevent such threats to the organization.

Cross-border Payments Outlook 2022: Trends, Challenges, and Opportunities

As more and more countries open their borders after COVID-19 travel restrictions, the payments industry is undergoing a shift towards more openness as well. The pandemic gave a boost to the global digital economy, accelerated open banking, and increased the need of moving funds across borders when traveling was not possible. According to the Visa GME study, 87% of global merchant executives see cross-border sales as their biggest growth potential.

What is a Formjacking Attack and How to Prevent It?

Last year, as most people were stuck at home, many of us became even more dependent on e-commerce sites than we were already. Unfortunately, that includes cybercriminals too. In 2020, scams targeting the checkout forms of online retailers rose by 20%, according to reports.

National Computer Security Day: Tips for Securing Your Home Computers

Tuesday, November 30th, is National Computer Security Day. Although this special day has been around since 1988, many people are not only unaware of it, but are still also unaware of some of the basic security required for protecting their computing devices. The rise of remote work has stretched the security perimeters of all corporations, and fortunately, there are products, such as Tripwire Enterprise that can help them to protect the organization, from the full computing systems, to data storage.

Securing SAP SuccessFactors to remain compliant

Lookout is the only CASB in the SAP Store, and the only CASB vendor in the SAP integration partner lineup. We’ve worked closely with SAP to understand how SuccessFactors interacts with users and handles data. Recognized by Gartner as an industry-leading solution, Lookout CASB has built-in advanced data security and user and entity behavior analytics. But we wanted to ensure we can safeguard SuccessFactors and its vast functionalities, that’s why we worked hard to understand how the HCM solution interacts with users and handles data.

Folder Notifications via Email

When you work collaboratively in a folder, make sure you stay up to date with changes by turning on folder notifications! From the My Preferences section of your user profile, select Receive folder notification emails for chosen folders and your desired frequency. Then, navigate to the folder locations of your choice, and Select Folder Details and Options under More. From the Options tab, you’ll be able to choose your notification preferences for when content is “added, updated, or removed” or “downloaded and previewed.”

What is Malware? Types of Malware Explained

What is malware? Malware is a type of computer virus that can infiltrate your system and steal personal information, delete files, or hold your device for ransom. In this video, I'll explain the different types of malware: spyware, adware, and ransomware etc. Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.

What is an Enumeration Attack? How they Work + Prevention Tips

An enumeration attack is when cybercriminals use brute-force methods to check if certain data exists on a web server database. For simple enumeration attacks, this data could include usernames and passwords. More sophisticated attacks could uncover hostnames, SNMP, and DNS details, and even confirm poor network setting configurations. Every web application module that communicates with a user database could potentially become an enumeration attack vector if left unsecured.

How to Detect Data Exfiltration Before It's Too Late

A data exfiltration attack involves the unauthorized transfer of sensitive data, such as personal data and intellectual property, out of a target system and into a separate location. These transfers could either occur internally, through insider threats, or externally, through remote Command and Control servers. Every cyberattack with a data theft objective could be classified as a data exfiltration attack.

Redirecting the Zero Trust Conversation to Build a More Robust Architecture

In a recent Tripwire survey, over 300 respondents from both private and public sectors said that implementing Zero Trust Architecture (ZTA) could materially improve cybersecurity outcomes. This result seems like a positive outcome since we don’t often get such a unanimously high confidence level in a specific security approach from survey data.

Extending Teamcenter Security & Authorized Data Access model (ADA) to Protect Files with DRM

In this NextLabs demo, we will show how Teamcenter user attributes and ADA license will be applied to protect files using digital rights management (DRM) in three use cases. NextLabs’ enterprise digital rights management (EDRM) for Siemens Teamcenter provides enhanced protection with advanced rights protection capabilities to ensure business-critical data remains secure. Persistent data protection allows product teams to securely collaborate and share valuable information with partners and multi-level supply chains without the risk of compromise or threat. Moreover, authorized users can open, view, and modify protected files using native applications such as Siemens NX, as seen in the demo.

CISA Releases New Tool to Help Organizations Prevent Insider Threats

Organizations across various industries spend their time and resources to mitigate impending cybersecurity threats to protect their assets and sensitive data. As new technologies come into play, more comprehensive cybersecurity measures are needed to protect these organizations. We’re in a time when remote work has become the norm, thus making cybersecurity that much more of a priority for many organizations.

The Ultimate Guide to Application Security Tools

With the emergence of new software security threats, businesses need robust, flexible and affordable methods to ensure their applications are protected throughout the whole application lifecycle. Application security is essential for software companies, but now more than ever, many more organizations need to make AppSec a priority.

Run confidently with secure DevOps

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps.

The Oculus (Meta) Quest Scam

Oculus (also now known as Meta) Quest is a virtual reality headset and game craze created by Facebook, and it is the ultimate tech must-have for the holidays in 2021. My 11-year-old son is obsessed with it and during the past few months it has been impossible to get due to a recall and the wait for the new Quest 2 to be released.

The Kubernetes' Open-Source Tools to Check out in 2022

In 2014, Kubernetes surfaced from work at Google and quickly became the de facto standard for container management and orchestration. Despite its Silicon Valley origins, it became one of the most impactful open-source projects in the history of computing. Today, the Cloud Native Computing Foundation (CNCF) maintains Kubernetes with many private companies and independent open-source developers.

Sophisticated Tardigrade malware launches attacks on vaccine manufacturing infrastructure

Security researchers are warning biomanufacturing facilities around the world that they are being targeted by a sophisticated new strain of malware, known as Tardigrade. The warning comes from the non-profit Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) which revealed that at least two large facilities working on manufacturing bio-drugs and vaccines have been hit by the same malware this year, in what appear to be targeted attacks.

How to Make Slack HIPAA Compliant in 2022

As digital transformation continues post-COVID more organizations, including those covered by HIPAA, will seek out SaaS solutions that make collaboration easier. Fortunately more and more applications like Slack are enabling HIPAA compliant use. In early 2019 as Slack filed for its IPO, the company also updated its security page to provide details on its qualifications as a HIPAA compliant messaging app.

Interview with Bill Kunneke, Chief Technology Officer at Leasecake

For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed Bill Kunneke, Chief Technology Officer at Leasecake. Bill has over twenty years of experience as an IT professional and a proven technical leader who delivers large and often transformative IT projects while communicating complex technical solutions to key stakeholders and executing strategic IT functions.

Security Risk Management for Insolvency, Restructuring and Bankruptcy Firms

Nick Doyle talks about the security challenges that can impact law firms and advisory organizations that are providing professional services to companies going through insolvency, restructuring and bankruptcy, and how Kroll can help organizations and stakeholders manage the potential risks.

Data Protection Act | 8 Principles under GDPR

This video will discuss the 8 principles of the Data Protection Act. These are the basic guidelines for any organization that handles personal data, and they're meant to protect your privacy rights.

Guide to Performing a Data Risk Assessment

Most companies know how to engage in a security risk assessment. However, the first step in the security assessment process should be engaging in a data risk assessment. While the two sound similar, they provide different insights. This guide to performing a data risk assessment explains what it is, why it’s important, and how to engage in one.

How your business can benefit from Cybersecurity automation

Enterprises and small businesses alike are facing challenges that impact their ability to maintain adequate cybersecurity. Budget constraints and limited staff are just a couple of reasons why businesses have become more susceptible to cyberattacks. Hackers are becoming smarter, and the tools that teams deploy are growing in number, leading to fragmentation and increased vulnerabilities.

How businesses can protect themselves from DDoS attacks

In a Distributed Denial of Service (DDoS) attack, a system or network is flooded with online traffic from multiple sources in an attempt to make it unavailable. Cybercriminals take advantage of protocol or DNS server vulnerabilities that they exploit to launch attacks. Moreover, in larger scale attacks, they may use malware that infects thousands of hosts that target the victim to block it, all of them with different IP addresses, which is known as a botnet.

Diverse Approaches, but Consistent Cost Savings: Cloud Security in Europe

We are going through a period of huge security and networking upheaval. Transformation projects are afoot in the vast majority of organisations and architectural ideologies are shifting towards SASE and Zero Trust. We are all seeing and experiencing this first hand, but anecdotal tales of how organisations are handling these changes are inconsistent. Some are seeing security teams expanding, while others are decentralising the team and distributing security expertise across project taskforces.

Four Insider Threats Putting Every Company At Risk

Few concerns keep business leaders up at night like the threat of a cybersecurity incident. With the average cost of a data breach exceeding $4 million for the first time and public sentiment, regulatory requirements and practical functionality firmly against companies that can’t protect their digital landscape, many leaders are reprioritizing cybersecurity in response to this increasingly urgent reality.

CIS Control 12: Network Infrastructure Management

Networks form a critical core for our modern-day society and businesses. These networks are comprised of many types of components that make up the networks’ infrastructure. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points.

How Egnyte Got Its Engineers to Use a New Configuration System

You can build the best system in the world, but it won’t matter if no one uses it. That might sound obvious, but it’s often overlooked. Getting your users to buy into a new system is not as easy as flipping a switch. It takes planning, initiative, and reinforcement to make sure your software is broadly adopted.

Black Friday is Coming and LNKR Malware Might Be Watching You

Black Friday is a long-awaited day for many people, as it generates a lot of sales in both physical stores and online marketplaces. With the ongoing COVID pandemic, online sales are expected to be even more intense this year, and along with that, we will likely see an increase in cyber scams. Attackers will try to steal your money in many ways: through phishing sites, banking malware, remote access trojans, and more. However, there is one type of malware that people often underestimate: adware.

WhiteSource Research: Fixing Vulnerable npm Packages Quickly and Painlessly

Over the past few years organizations have been shifting security tools and practices left to ensure that application security is addressed from the earliest stages of the software development life cycle (SDLC). These efforts also increasingly cover open source components, which comprise up to 80% of our software products.

The Growing Cybersecurity Risks to Retail Organizations

November and December can be particularly stressful for retail organizations—and not just because of the holiday madness. As the volume of transactions ramps up during the holiday season, IT teams must be on high alert for threats buried in a sea of routine activity. But given the exponential growth of ecommerce, they also need to stave off cyber threats.

Grinch bots have already stolen the countdown to Christmas

In a recent Quarterly Index report, Netacea’s Threat Research Team listed the top five scalper bot targets of Q3 2021 and predicted the items most sought after by bots for Black Friday and the festive shopping season. But scalper bots (or grinch bots) have already been hard at work ahead of Christmas, depriving genuine consumers of luxury advent calendars and limited-edition toys in the run up to peak retail period.

Introducing the DevSecOps Toolkit: A guide to scaling an AppSec programme

Imagine you’ve been asked to build a house from scratch. You don’t have any tools. You don’t have any experience. In fact, all you have is an empty plot of land and a looming deadline. It’s all beginning to feel a little overwhelming. If you work in the world of AppSec automation or DevSecOps, this type of scenario might sound rather familiar.

The Network Effect and the Search for Resilient Email Security

'Email is dead. It's a thing of the past.' In the IT industry, this statement, or something like it, is said regularly — usually corresponding with the rise of a new communication or collaboration platform. Each time this happens, it's prudent to remember a general rule around tools: as long as they retain specific advantages for the human beings using them, they generally endure.

AppSec Decoded: A proactive approach to building trust in your software supply chain | Synopsys

In this episode of AppSec Decoded featuring Sammy Migues, principal scientist at Synopsys and coauthor of the BSIMM report, and Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center (CyRC), we discuss why the software supply chain is an inviting target for hackers and how companies can implement a proactive approach to software supply chain security with security activities that won’t slow down innovation.

Remotely Removing a Device

Imagine one of your users has their company device stolen. Don’t panic. Egnyte allows you to manage user devices by remotely removing any Egnyte content synced for offline access. Simply navigate to Settings, then Devices. Select the device of your choice, then Remote Wipe to delete all of the Egnyte content synced locally to the device. You can even go a step further to prevent any unwanted access to Egnyte and force a logout by selecting Remove Device.

Teleport and PagerDuty Integration

Teleport provides secure access for cloud applications and infrastructure that doesn’t get in the way. When implementing strict zero-trust rules you sometimes need to escalate and elevate privileges. By leveraging PagerDuty, you are able to alert the request and approve or deny system access. Using PagerDuty’s schedule feature, you are able to dynamically assign administrative privileges based on who’s on call. This greatly reduces the scope of access.

ManageEngine Vulnerability Manager Plus simplifies compliance with the CIS Benchmarks

New software and assets introduced into your network are, by default, configured to be multifunctional and convenient to use, but they’re not always the most secure. IT teams also make constant changes to systems’ configurations, leading to inevitable security gaps. Maintaining secure configurations in assets and software is essential for organizations that want to avoid potential cyberattacks or face costly audit penalties.

Achieving Zero Trust? One Size Does Not Fit All

More than a year of near-universal remote work has proven that many of us can reliably stay productive from anywhere — whether it be from home, co-working spaces or otherwise. Businesses have caught wind of this, and according to IDC, 60% of them will continue with remote work or implement a hybrid model even after they reopen their offices again. This calls for a paradigm shift in the way we conduct cybersecurity.

Insider Fraud Prevention: Tips & Tricks for Your Organization

Even organizations with productive and loyal employees are prone to malicious insiders who commit fraud. Such activity is not easy to detect because insiders usually mishandle the same data they regularly process as part of their jobs, and do so bit by bit. Also, the motives for committing fraud can be unobvious. In this article, we define what insider fraud is, what risks it brings, and how security officers can reduce those risks with a comprehensive cybersecurity strategy.

Securing your open source dependencies with the Snyk Visual Studio Code extension

We’re pleased to announce new functionality within the Snyk Vulnerability Scanner extension for Visual Studio Code, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies! To help developers take more responsibility for the security of their applications, security tools must be able to integrate seamlessly into existing workflows and the tools developers are using on a day-to-day basis.

25 Years of Security: does history matter?

There’s little in the world of technology that qualifies as sui generis (that is, unique unto itself). What goes around really does come around and there is safety in respecting that. Why look back to then in cybersecurity? Because one of the best ways to understand how to protect your network, Wi-Fi, and endpoints is to familiarize yourself with what led to today’s tortuous threat landscape.

Integration of the ThreatQ platform into McAfee Enterprise infrastructure

Proper management of threat data is critical in today’s security operations and modern SOCs. The knowledge of threats, their priority in our environment, their management, and the ability to analyze them, will give us anticipatory capabilities we wouldn’t have without this management.

Cybersecurity and its impact on the home

The digital society is ever-expanding, and with that has come an ever-increasing risk of cyber attack. This is a factor coming more and more into focus, with the rate and strength of cyberattacks set to continue escalating according to one Al Jazeera report. A further risk vector is becoming apparent through the smart home - more and more people are making their home a natural extension of the digital world, and placing a lot of reliance on the web and smart tech.

How SOAR Helps to Hold Up Your Part of the Cloud Security Shared Responsibility Model

The allure of the cloud is indisputable. Flexibility, reliability, efficiency, scalability and cost savings are tantalizing traits for a business at any time, never mind when most have been catapulted into a colossal work-from-home experiment. According to O’Reilly’s annual cloud adoption survey, nine out of 10 businesses now use cloud computing, with nearly half planning to migrate more than 50 percent of their applications into the cloud in the upcoming year.

Social Engineering Part 1: What is social engineering?

Social Engineering is a form of security fraud that relies on psychological manipulation techniques to trick people into revealing sensitive information. This is often carried out online using a variety of social engineering techniques; among the more commonly referred to social engineering attacks are phishing attacks (including vishing, smishing, spear phishing and whale phishing).

Don't Let Code Injections Mess Up Your Holiday eCommerce Season

The holidays are right around the corner. It’s a well-deserved time to spend with your friends and family, and it likely translates to increased online sales. But more eCommerce activity also means increased cybersecurity risks. Most organizations with eCommerce deploy cybersecurity measures such as Content Security Policies (CSPs) to help secure their site and protect their customers’ personally identifiable information from a breach.

Get the Most Out of the Desktop App with Search, Recents

Egnyte users want to get the files they need as fast as possible. Less time spent scouring folders means more time doing the work that really matters, and one of the best ways to do that is with the Egnyte Desktop App. With the Egnyte Desktop App you get real-time access to all your files and folders stored in the cloud, directly from your computer.

How Penetration Testing Helps You Comply with ISO 27001?

ISO27001 is a prominent International Standard and best practice for Information Security Management. The core element of this standard is identifying risks and mitigating vulnerabilities that threaten the security of information assets. So, the technical risk and vulnerability assessment form the basis of implementing the ISO27001 Standard.

How Cloud SOAR helps teams boost security during cloud migration

Cloud computing is exploding, and with the shift to the cloud accelerated by the COVID-19 crisis, more and more companies are bidding farewell to their on-premises solutions and welcoming the new age of the cloud. Read on to find out how Sumo Logic Cloud SOAR can help your organization strengthen its security posture amid a globally accelerated cloud adoption.

Tips for Having a Cyber Safe Holiday Season

We’re getting into the end-of-year holiday season. In addition to our busy end-of-year business schedule, we need to plan for family visits, develop menus for special meals, and possibly do a little shopping while the deals are good. It’s a lot to keep track of. Just remember it’s when you are distracted that you tend to put your digital security most at risk. Digital criminals don’t take holidays.

What is the CCPA? Definition and Compliance Guidelines for 2021

The California Consumer Privacy Act of 2018 (CCPA) gives Californian consumers greater transparency into how their personal data is being handled. Under the CCPA, California residents have a right to: California's landmark move to greater privacy laws mirrors the consumer data protection posture outlined in the GDPR and Canada's propositions in Bill C-11. Guidance for complying with the CCPA is outlined through CCPA regulations.

Risk Management and Budget Planning

Every company needs to undertake a certain amount of planning if it wants to grow. This includes not only strategic planning to expand operations and increase profits; executives also need to plan for risks they might encounter so they can anticipate and avoid threats. It makes sense, therefore, to integrate this planning throughout your organization so that no business function goes overlooked.

What Is Governance, Risk, and Compliance?

The phrase “governance, risk, and compliance” (GRC) was first introduced in the early 2000s by the Open Compliance and Ethics Group (OCEG). Since then, the concept has fundamentally changed how businesses operate. Although GRC is not a revolutionary idea by any means, it is integral to assuring that organizations can achieve, and maintain, optimal business continuity.

Traditional Supply Chain vs. Digital Supply Chain

A supply chain is the ecosystem of processes, systems, and entities that work together to transform an idea into a final product and customer-ready offering. That lifecycle consists of multiple moving parts. As global supply chain complexity increases, organizations in every industry require robust and reliable supply chain management (SCM) tools, processes, and people. Coordination of the supply chain is critical for efficiency and optimization.

Interview with Liz Tluchowski, CIO/CISO of World Insurance

For the next instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve invited the CIO/CISO of World Insurance, Liz Tluchowski, to share her thoughts on the state of Cybersecurity today. Liz is in charge of cybersecurity for both the corporate side of World Insurance, which is one of the 100 largest insurance brokerages in the U.S., and the 125 additional agencies around the country that they have acquired.

The Great Cybersecurity Talent Migration has Begun, Here's What you Can Do

The macro-economic consequences of COVID-19 have reached cybersecurity and the talented people who keep us secure. In some sense, invisibility is a hallmark of good cybersecurity, back-end operations running smoothly and keeping the assets, operations and reputation of an organization from harm. But this invisibility is built on proper resourcing, and in the last 18 months, we’ve seen a progressive erosion of the human resources behind successful organizational cybersecurity.

Zero Trust isn't a Buzzword

Lookout has announced its latest milestone — the expansion of Lookout Continuous Conditional Access (CCA) by integrating security and access platforms. This enables organizations to make detailed and ongoing risk assessments of endpoints and users, and apply that information to very granular access controls (as opposed to a simple yes-no access decision) that ensure business continues securely. This video illustrates how integrating Mobile Endpoint Security, Cloud Access Security Broker (CASB), and Zero Trust Network Access (ZTNA) solutions delivers a modern Zero Trust architecture.

Cybersecurity Insights - Malware Evasion Techniques

The majority of malware that the WatchGuard Threat Lab analyzes each quarter is called “zero day malware,” meaning it successfully evaded signature-based anti-malware services. Modern tools and techniques continue to make evasive threats easier to carry out and more effective for adversaries of all skill levels. In this Cybersecurity Insights, learn how threat actors mask their attack payloads from detection and what you can do to defend your organization and customers from these evasive threats.

Snyk & Rezilion: End to End DevSecOps Automation Replay

Container vulnerability management is a challenge every modern security team must address. Snyk’s vast database of open source vulnerabilities gives users industry leading coverage and confidence that any vulnerability that’s present will be identified. But identifying vulnerabilities is only the beginning. Using Snyk and Rezilion Validate means users can identify any vulnerability that’s present, validate if a vulnerability is exploitable in their environment, and automate remediation. This automated process cuts down on manual work, saves up to 70% of time spent patching, and cuts remediation timelines down from days to minutes. Learn more about this groundbreaking combination in this webinar and demo from two product leaders from Snyk and Rezilion.

DMARC and the prevention of World Health Organization phishing scams

In recent years the outbreak and spread of COVID-19 have left many people with fears and questions. With various medical opinions, news outlets spreading varied statistics, case number and death reports, and safety recommendations that varied between countries, states, cities, and individual businesses, people often felt desperate for information.

5 Data Loss Prevention Best Practices & Strategies

Data loss prevention (DLP) refers to a category of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The purpose of DLP is to enforce corporate data security policies that govern where data does — and doesn’t — belong. As such, there are some key strategies and best practices required to build these data security policies.

Effective software security activities for managing supply chain risks

BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks. As the global pandemic disrupted the way business is conducted, the workforce became more dispersed and moved far from the traditional secure enterprise environments.

Hyperledger Fabric Security Monitoring with Splunk

In this post, we demonstrate how to set up effective security monitoring of your Hyperledger Fabric infrastructure. We identify some common threats, recognize key data sources to monitor, and walk through using Splunk to ingest and visualize your data. This post follows Introducing Splunk App for Hyperledger Fabric and highlights the use of the app for security monitoring of blockchain infrastructure. We will address smart contract/chaincode security & monitoring in a follow-up post.

How to Detect Architecture Drift

Bionic allows teams to detect and manage application drift in real time. Drift in this context doesn’t relate to infrastructure, as drift rarely occurs with infrastructure-as-code in ephemeral environments. Bionic allows teams to quickly baseline and lock in their application architectures, so they have drift policies that can notify them in real time should an architecture change.

Talking the End of Passwords with Friends and Family

Engineers worldwide have a tradition to look forward to every holiday season. You are taking in a sporting event on Thanksgiving Day when your uncle asks you why he keeps getting a message to update his iPhone; it’s only two years old. Or your grandma needs help with her hacked Facebook account.

Validating Arctic Wolf's Incredible Voyage

One of my favorite books is “Endurance: Shackleton's Incredible Voyage” by Alfred Lansing. I encourage you to read it if you haven’t. Here is a brief synopsis of the true-to-life story: In August 1914, polar explorer Ernest Shackleton boarded his ship, the Endurance, and set sail for Antarctica, where he planned to cross the last uncharted continent on foot.

What is a Security Operations Center (SOC)?

A security operations center (SOC) is a centralized facility that unifies an organization’s security monitoring across all IT infrastructure. SOCs function as a hub for information security personnel and the processes and technology needed to detect, monitor, and remediate cyber threats through real-time data analysis.

Tripwire Experts Offer Point of View on Zero Trust at EO's 6-Month Milestone

When the Biden Administration released its Cybersecurity Executive Order in May 2021, it was clear that Zero Trust would be a central component of the government’s security approach moving forward. Agencies and their partners scrambled to assess their existing Zero Trust investments and the gaps that would need to be filled in order to quickly ramp up implementation.

Secure Your Configurations with Tripwire's Configuration Manager

As cybersecurity professionals, we are always impressing the importance of patch management as one of the best ways to protect systems against vulnerabilities. Sometimes, the vulnerabilities are never fully exploited. Regardless of the threat possibility, patching is one of the easiest ways to ensure the minimum level of security in an organization.

Most Efficient Techniques for Quantifying Risks

With so many threats facing modern companies, it can be difficult to know which threats should be addressed first. Risk quantification is a method that provides you with a numeric representation of your risks, which in turn allows you to prioritize those that are the most likely to happen or could cause the most damage.

How You Should Rank Cybersecurity Vulnerabilities

If there’s one thing you can expect from cybercriminals, it’s that they’re always looking for new ways to locate and exploit your organization’s vulnerabilities. The National Institute of Standards and Technology (NIST) defines a vulnerability as a “weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.”

Creating a Successful Cybersecurity Risk Management Plan

It doesn’t matter which industry you work in or how large your business is: every company with a desire to stay competitive and relevant needs a cybersecurity risk management plan. New information technology comes online at a breakneck speed, making our business transactions and processes easier, smoother and faster.

First-Party vs Third-Party Cyber Insurance: What's the Difference?

Often it's not a question of if your business will experience a data breach, but when. Hackers are always looking for new ways to take advantage of weak networks or trick employees into falling prey to their schemes. And if your business operates computer systems or handles sensitive data regularly, you are at risk. Having the right insurance coverage to provide aid in the event of a cyber attack can save your business from expensive lawsuits and reputational damage.

6 Cloud Data Loss Prevention Best Practices & Strategies

Data loss prevention (DLP) refers to a category of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The purpose of DLP is to enforce corporate data security policies that govern where data does — and doesn’t — belong.

Interview with Cybersecurity Specialist Babak Pasdar, CTO of Acreto

For our latest expert interview on our blog, we’ve welcomed Babak Pasdar to share his thoughts on the topic of cybersecurity and his journey as the CTO of Acreto. Babak Pasdar is a globally recognized innovator, cybersecurity expert, author, and entrepreneur best known for his multiple innovations in the area of cloud security.

MDR Provider, MSSP or Both? Focus on the Capabilities You Need

Over the last several years, Managed Security Service Providers (MSSP) have evolved, and some have started offering Managed Detection and Response (MDR) services as part of their overall security solution. However, an MSSP lacking MDR capability simply cannot provide the same level of security, particularly in today’s quickly changing environment that has seen remote and hybrid work become the norm.

Webinar: Preventing Privacy and Cybersecurity Breaches

Check out this webinar to gain a deeper understanding of how to prevent privacy and cybersecurity breaches and ensure business continuity in a zero trust world. The webinar is hosted by Natali Adison, Technology, Data Protection & Cybersecurity attorney and Reuben Braham, VP Marketing at Cyberint.

A buyers guide: What to consider when assessing a CASB with Hank Schless

All roads lead to Cloud Access Security Broker (CASB). Gartner found CASB to be the fastest-growing cyber security segment, with investment increasing by 41.2% (2021 CIO Agenda Survey). It's no surprise, as security teams turn to CASB to solve new cloud service-related challenges that legacy security solutions cannot address. Some key points in this presentation are.

SANS 2021 Ransomware Detection and Incident Response Report

Ransomware attacks have become some of the most prolific and public intrusions over recent years. Within a matter of hours, organizations can go from normal operations to having an inoperable network and being extorted for tens of millions of dollars. On this webcast, SANS instructor and author Matt Bromiley, as well as sponsor representatives, will share their thoughts on modern detection and response techniques for ransomware breaches.

Review and Approval Workflows

Easily streamline collaborative procedures and perform document review and approval using Workflows in Egnyte. From the file preview, under the Workflows menu, you can add a one-step task, or a multi-step workflow for each stage of review, including final approval. For GxP domains, approval includes Part 11-compliant digital signatures. Collaborators are automatically notified when the workflow moves to a step they’re assigned to.

Stopping IOT Attacks using NDR

Unmanaged endpoints like IoT devices represent a significant and growing risk surface. Network Detection and Response (NDR) solutions monitor network traffic to generate rich security evidence that enables asset inventory, vulnerability assessment and threat monitoring. In this presentation, experts from Corelight and Microsoft will walk you through how it works and how it can improve your security posture.

The Evolving Threat of Ransomware

Currently, ransomware is the most prominent cyber threat to businesses and individuals. Ransomware attacks are growing more prevalent as cybercriminals find new ways to profit from them. According to CyberEdge’s 2021 Cyberthreat Defense Report, 62% of organizations were victimized by ransomware in 2019—up from 56% in 2018 and 55% in 2017. This rise is arguably fueled by the dramatic increase in ransomware payments.

Understanding the link between Blockchain and AI

Blockchain and Artificial Intelligence (AI) are proving to be a powerful double act, coming together to deliver unique features and benefits for a growing list of industries and applications. In fact, you can already find blockchain integration with AI adding value and security to everything from food supply chains and healthcare record systems to managing media royalties and financial services.

New Advanced AlienApps for Akamai ETP and Akamai EAA help streamline threat management

When it comes to powerful integrations, AT&T Cybersecurity leads the way. We understand that customers want solutions that bring together visibility, response, orchestration, analytics, reporting, and more. As the attack surface continues to grow, AT&T continues to look for ways to stay ahead of threats, and one of the ways we do this is through our integrations with strategic partners in the form of new Advanced AlienApps.

Malicious Office Documents: Multiple Ways to Deliver Payloads

Several malware families are distributed via Microsoft Office documents infected with malicious VBA code, such as Emotet, IceID, Dridex, and BazarLoader. We have also seen many techniques employed by attackers when it comes to infected documents, such as the usage of PowerShell and WMI to evade signature-based threat detection. In this blog post, we will show three additional techniques attackers use to craft malicious Office documents.

Weekly Cyber Security News 19/11/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. WordPress is wonderful – it has transformed web site development for those without a good developer and a budget. However, plugins continue to remain a problem and rather than actually going through with a serious attack, a spate of faked attacks via flaky plugins is on the rise once again.

PCI Data Discovery Tools: Keeping Sensitive Data Protected Within Your Organization

The rules set forth by PCI-DSS can seem complicated. Four levels, 12 requirements, multiple credit card brands: it’s easy to get lost in the details of PCI-DSS requirements. However, merchants who fail to meet the PCI compliance standard face heavy consequences. Not only do these companies put their customer data at risk, they also may face hefty fines that can range from $5,000 to $100,000 per month.

Redacting Sensitive Data in 4 Lines of Code

In this tutorial, we’ll demonstrate how easy it is to redact sensitive data and give you a more in-depth look at various redaction techniques, how Nightfall works, and touch upon use cases for redaction techniques. Before we get started, let’s set our Nightfall API key as an environment variable and install our dependencies for our code samples in Python.

It's Time to Get Rid of Passwords in Our Infrastructure

Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file. Other times, they take the form of API keys, tokens, cookies or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, copy to CI/CD systems and code linters. Eventually someone leaks, intercepts or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

Cyber Insurance: New Coverage Restrictions Expected in 2022

Get ready for upcoming changes to cyber insurance policies. Due to risk associated with the increase in remote work, insurers are more likely to initiate in-depth cybersecurity risk analyses of companies seeking to purchase or renew policies, the Wall Street Journal reports. The adoption of stringent privacy regulations in the United States and abroad could also justify additional scrutiny by insurance companies during the initial underwriting and renewal process.

Cloud Applications: A Zero Trust Approach To Security For Healthcare

Accelerated adoption of the cloud has driven healthcare organizations to rely more heavily on cloud-based productivity suites and apps that enable both employees and patients to access data from anywhere. Compound this use of managed and unmanaged mobile devices in a world where the network perimeter is being eroded and you have a real challenge at hand. AGENDA: Zero Trust - How to apply a dynamic and contextual approach to applications and data access in the cloud.

Create an API Specification Scan

Traditionally Veracode Dynamic Analysis has targeted applications with a Web user interface. But increasingly, web applications are composed of many small microservices, many of which have Representational State Transfer (REST) interfaces with which the UI layer communicates. With API scanning, you can now scan the APIs of your microservices earlier in the software development process, before they are integrated into a web application.

10 Essential Cyber Security Controls for Increased Resilience and Better Insurance Coverage

While threat actors continue to vary attack methods, these 10 essential cyber security controls can significantly improve your security posture, therefore making it harder for cybercriminals to compromise your network and increasing your opportunities for cyber insurance coverage. Validated by our seasoned cyber security experts based on frontline expertise and with a thorough review of the expanded questionnaires now requested by most cyber insurance carriers, this session presents key takeaways for each of the controls and their real-life effectiveness.

Nuvias Group Further Invests in Cyber Security and the BeLux Market with Deltalink Acquisition

Nuvias Group, the European high value distributor, is further accelerating its growth through a second investment this year, by acquiring Deltalink, the Value-Add Distributor (VAD) of cyber security and networking solutions, based in Belgium.

Privileged account management challenges: comparing PIM, PUM and PAM

Most cyberattacks originate outside the organization. Numerous articles, vulnerability reports, and analytical materials prove this fact. External attacks are usually carried out based on the following scenario: Obviously, it is impossible to provide protection at all stages of an attack using only one type of protection. It is tough to do without a dedicated team and security solutions like firewalls, intrusion detection, antiviruses and more.

How MSPs should protect data against ransomware

A few months ago, the National Institute of Standards and Technology (NIST) released a draft framework for ransomware risk management. But it's not the only publication on such threats, as the institute has also produced a guide recently on how MSPs should protect data from ransomware and other data loss events.

The UK pushes for better supply chain cybersecurity

If the UK Government gets its way, IT service vendors and other cloud-based service providers may soon be required to adopt new measures to strengthen their cybersecurity, amid rising concerns about supply chain risks. The Department for Digital, Culture, Media and Sport (DCMS) has floated plans to make mandatory compliance with the National Cyber Security Centre’s Cyber Assessment Framework, which provides guidance for organisations responsible for vitally important services and activities.

SecurityScorecard Announces Plan to Train & Certify 25,000 Supply Chain Risk Professionals

Cybersecurity threats are on the rise. Over the past year, we’ve observed a 148% increase in ransomware attacks and an 85% increase in phishing attacks targeting remote users. Worse still, these attacks are growing increasingly sophisticated, with threat actors using eight or more vectors in the same attack, often deploying multiple vectors within minutes of one another.

Three-Body Problem for Policy: Policy, Data and Software

In the early days of Styra when we were creating Open Policy Agent (OPA), we had a singular goal in mind: help engineers enforce any policy over any piece of software. We wanted people to be able to write any policy they’d like, whether it be about complex resources managed by Kubernetes or public cloud, APIs routed through gateways or service meshes, data stored in relational or document databases, application deployments controlled by CICD pipelines, and so on.

Netskope Threat Coverage: The Return of Emotet

At the beginning of 2021, Emotet was considered to be the world’s most dangerous malware by Europol. The threat was first discovered in 2014 when it was acting as a banking trojan. Over the years, the malware evolved into one of the most relevant botnets in the threat landscape, often used to deliver other threats, such as Trickbot and Ryuk ransomware. Netskope detected Emotet during Oct 2020, using PowerShell and WMI to download and execute its payload.

What's New for 2022: Long Shots and Safe Bet Predictions

It is prediction time once again, and we’ve polled some of our esteemed experts here at Netskope to see what’s piquing their interest with 2022 on the horizon. Much like our predictions last year, we’ve broken the list out into some longer shots and some pretty safe bets. Here’s what we think is in store for 2022.

Securing DevSecOps - Threat Research Release October 2021

DevSecOps stands for Development, Security and Operations. This is a practice aimed to automate or design security integration throughout the software development lifecycle or workflow. Nowadays, collaborative frameworks and projects that share security protocols from end to end are really common, so DevSecOps practices attempt to emphasize building infrastructure with a strong security foundation and stable automation workflow and phases. Watch the video below to learn more about Securing DevSecOps.

Splunk Wins Third Ever NAVWAR Enterprise Artificial Intelligence Prize Challenge for Exceptional SOAR Capabilities

Naval Information Warfare Systems Command (NAVWAR) enterprise recently announced that Splunk is the winner of its third prize challenge in the Artificial Intelligence Applications to Autonomous Cybersecurity (AI ATAC) Challenge series.

How Sweet It Is - Thinking About SBOMs In Relation to Chocolate

The SolarWinds attack in late 2020 exposed the data of more than 18,000 businesses and governmental departments – many of which are gatekeepers for the country’s most vital infrastructure. While attacks against the software supply chain aren’t new, they are increasing exponentially.

FBI email hack highlights danger of account takeover

On Saturday November 13th, hundreds of thousands of recipients received an email from the FBI with the subject line of “Urgent: Threat actor in systems.” Thankfully for the recipients, it turned out the threat described in these emails wasn’t real as, unfortunately, the FBI had suffered an external email breach resulting in fake warning messages being sent out.

How Arctic Wolf Improves Security for Financial Institutions

While data breaches are never good news for any business, they can be especially catastrophic in the financial industry. The sheer amount of sensitive personal data that moves through the average banking institution on a normal day creates a seductive target for cybercriminals and a potential nightmare for security administrators. As a result, finding the right cybersecurity solution that can be tailored to the needs of financial institutions is a must.

Cloud Threats Memo: Scary Examples of Weaponizing Google Drive

The abuse of Google Drive to deliver malicious content continues, and two recent examples remind us how the flexibility of this cloud storage tool can be easily weaponized by malicious actors. And the spectrum of content that can be distributed, and victims that can be targeted is surprising.

How using Cloud SIEM dashboards and metrics for daily standups improves SOC efficiency

When we talk about emerging technologies and digitization, we often forget that while innovators are working to bring the best solutions to market, cybersecurity gurus are concurrently working to identify loopholes and vulnerabilities in these new systems. Gone are the days when cyber attacks were monthly news; instead, they happen almost daily.

Part 2: Using Veracode From the Command Line in Cloud9 IDE

In part two of a four-part series, Clint Pollock, principal solutions architect at Veracode, details how to use Veracode from the command line in the Cloud9 IDE to submit a static pipeline scan. Check out the video and step-by-step instructions below. It’s Clint Pollock, principal solutions architect, back for part two of our four-part series on using Veracode from the command line in Cloud9 IDE.

EWF Conference: Plotting the Course for Your Personal Brand

“Why focus on building your personal brand?” This was the first question that Elana Anderson, Chief Marketing Officer at Veracode, asked during her presentation Plotting the Course for Your Personal Brand at the recent Executive Women’s Forum (EWF). Anderson, a lifelong student of marketing, and a former analyst at Forrester Research, has a deep understanding of the importance of both corporate and personal brands and the steps necessary to both build and maintain a brand.

Cybersecurity in the Year Ahead: The Trustwave 2022 Cybersecurity Predictions

In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever. As global cyber defenders, predicting where the broad industry could be heading is a daunting task.

LogSentinel SIEM for MSSPs: Key MDR / MSSP Benefits

Managed security service providers (MSSPs) are tasked with providing efficient cybersecurity monitoring and response services without most of their revenue going to licensing. LogSentinel SIEM is a tool that’s built with MSSPs in mind – we have predictable and affordable pricing and offer deployment and management flexibility. In this video, we will discover the key benefits of using LogSentinel SIEM if you are an MSSP/MDR provider.

Protecting customer experience for Black Friday | Cybersecurity Sessions #1

With Black Friday looming, customer experience should be one of the things keeping eCommerce managers up at night but how do performance and security overlap in ensuring retail sites are safeguarded? In this podcast, Andy Still and Deri Jones will discuss the importance of customer experience to eCommerce, and how both web performance and cybersecurity play a role in this. With Black Friday approaching, they will consider where these overlap in sometimes unexpected ways, and how typical security concerns like bots can also impact performance.

CEO Customer Spotlight with First Republic Bank

Learn about trends in the financial services industry, the intersection of content collaboration and data governance, and new techniques to adapt to the hybrid work era as Vineet Jain, Co-Founder and CEO of Egnyte, sits down with Joe Sarci, Deputy Chief Information Officer at First Republic Bank. Egnyte is #1 in cloud content governance. SaaS software trusted by 16,000+ content-critical businesses worldwide.

What is DevOps and DevSecOps?

Among its evangelists and advocates, DevOps is about the cultural shift from traditional silo groups to the integration of a DevOps team. DevOps teams speak about change, feedback, inclusiveness, and collaboration. The goal is to bring everyone who has a seat at the table onto a common platform to work together and deliver changes to business systems safely and securely. Companies that choose to go through digital transformation use DevOps as their platform to deliver software at speed and scale.

Announcing automated fixes for vulnerabilities in .NET dependencies

We’re pleased to announce improved support for .NET applications in Snyk Open Source, allowing developers to fix vulnerabilities in .NET dependencies with the help of actionable advice and automated pull requests! As of the time of writing, NuGet, the Microsoft-supported and de-facto standard package manager for .NET, has 276,266 unique packages, downloaded on average more than a billion times a week!

Don't let Trojan Source sneak into your code

Protect your organization from the Trojan Source exploit with fast and trusted vulnerability detection from Rapid Scan Static. As everyone in the industry knows, not all software vulnerabilities are equal—some are trivial, some are irrelevant, and some are severe. Obviously, you should focus your attention on those that are characterized as severe. The recently published Trojan Source (CVE-2021-42574) vulnerability falls into the severe category—meaning you should give it full attention.

Introducing Nightfall for Jira, with Real-Time Data Loss Prevention

We’re excited to announce that Nightfall DLP for Jira now has real-time detection. Services like Jira, which are part of the Atlassian ecosystem, are among some of the most popular cloud tools leveraged by companies today. Like most SaaS applications, Jira is an always-on service where many collaborators share information. In some cases, this may result in the unintentional exposure of sensitive data.

Discover PII Data in Microsoft Exchange Online With Egnyte

Your organization runs on information, and much of that information is sensitive. You need consistent governance policies to protect users and data, but just protecting files is not enough. You also need to be able to scan your documents quickly and easily to find personally identifiable information (PII). More than three-quarters of companies have files housed in email repositories, and these often contain customer PII, health records, and other sensitive information.

3 Tips for Negotiating Permanent Flexible Work Status

It’s finally happening. More than a year after embarking on “the world’s largest work-from experiment,” many businesses are bringing people back to the office. For some, this is excellent news. They’ve been looking forward to highway commutes, in-person meetings, and always valuable watercooler talk. These people are in the minority.

Shifts Happen: How to Rock the SOC Handoff Process With the SEAT-SWAP Method [Checklist]

Security operations centers exist to deliver sustained monitoring and response capabilities. Well-performed shift handoffs are a part of that operational strategy. It’s no surprise that longer-duration handoffs will usually deliver more effective transfer of knowledge. But you are not required to dedicate a long amount of time to transition from one staff to the next. This post covers the handoff of information across three categories: essential, optimal and thorough.

SecurityScorecard Supports the Proposed Interagency Guidance on Third-Party Management for Banking Organizations

On July 19, 2021, The Board of Governors for the Federal Reserve System (Board), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) released their proposed interagency guidance around third-party risk management. SecurityScorecard submitted comments in response to the proposal urging the agencies to include the adoption of security ratings to mitigate the cyber risk to financial institutions introduced by third-party vendors and suppliers.

Make the Headlines for Good News - Not a Security Mishap Due to Config Drift

The risk of config drift is ever present. And when you consider that modern enterprises have incredibly complex and ever-changing networks with thousands of devices, from routers to firewalls to switches, running billions of lines of config, it’s easy to understand why. Networks are constantly being changed by people - who though well intentioned - make mistakes. A configuration change that accomplishes the immediate goal may take the network out of compliance, but how would anyone know?

Cybersecurity for Oil and Gas: An Overview

The growing value of business data, the vulnerability of networked systems, and the importance of fuel infrastructure have made oil and gas companies major targets for malicious hackers. Already, the industry has been the victim of several high-profile attacks. The Colonial Pipeline hack compromised the business’s networks, shut down its operations, and deprived the East Coast of a pipeline that supplies nearly half the region’s fuel.

4 Most Common Causes of Data Leaks in 2021

2020 was a landmark year for data breaches. This year will likely be no different. More than 8 billion records were exposed in just the first quarter, a 273 percent jump over the same period from 2019. By the end of Q3 2020, a staggering 36 billion records had been exposed. By end of the year, data breaches had struck high-profile organizations including SolarWinds, Facebook, Microsoft, and the U.S. Department of Defense.

Internal vs. External Vulnerability Scan: What Are the Differences?

Cyberattackers and hackers try to exploit security vulnerabilities to gain unauthorized access to enterprise networks. Their intentions typically include installing malware, stealing sensitive data, launching supply chain attacks, or engaging in cyber extortion or espionage.

Supply Chain Cybersecurity: Risk Management Best Practices

Supply chain logistics have been the backbone of global trade for hundreds of years. Extending the same concept with added digital components gives rise to supply chain cyber security risks. Supply chain cyber security is a topic that has come into the limelight over the last couple of years.

What is Configuration Management? Importance and Tools

Configuration management (CM) is a process that helps maintain the consistency of software versions and configurations across various environments. It is usually associated with the concept of change control. Configuration management systems help ensure that changes to an application are correctly documented, authorised, tested and deployed in a controlled manner to avoid errors.

The Importance of Speed During Detection and Response: Iranian-Backed Hackers Targeting U.S. Companies with Ransomware

Iranian government-sponsored advanced persistent threat (APT) actors are exploiting known Microsoft and Fortinet vulnerabilities to attack targets with ransomware in the transportation, healthcare and public health sectors, according to an alert issued on Nov. 17 by the Cybersecurity and Infrastructure Security Agency (CISA).

The Microsoft Power Apps Portal Data Leak Revisited: Are You Safe Now?

In late August 2021, a major data leak exposed 38 million private records through Microsoft’s Power Apps portals, a powerful low-code tool that enables both professional and citizen developers to create external-facing applications. The misconfiguration was discovered by the research team at UpGuard and is now well-known as one of the most severe low-code security incidents to date.

Splunk SOAR Feature Overview: Visual Playbook Editor + Input Playbooks

Splunk SOAR’s new, modern visual playbook editor makes it easier than ever to create, edit, implement and scale automated playbooks to help your team eliminate security analyst grunt work, and respond to security incidents at machine speed. Now, anyone can automate, allowing your team to achieve faster time to value from your SOAR tool. In this demo, we'll show you how to build an "input playbook". Input playbooks are used to automate simple IT and security tasks, and can then be leveraged as part of larger, more complex playbooks for a more modular approach to automation. For a more in-depth look at the new visual playbook editor and input playbooks, watch this video.

Software Bill of Materials (SBOM) of the Future Webinar

Destructive supply-chain attacks like SolarWinds, Kaseya, and Colonial Pipeline have placed a spotlight on how just one piece of vulnerable software can have devastating effects if exploited. In light of these incidents, the White House recently issued a directive that requires software sellers to provide federal procurement agents with a software bill of materials (SBOM) for each software application. An SBOM is a list of every software component that comprises an application and includes every library in the application’s code, as well as services, dependencies, compositions, and extensions.

WatchGuard Cloud Adds New Endpoint Security Modules to Further Strengthen its Unified Security Platform

Partners and customers using WatchGuard's Endpoint Security solutions can now layer on Patch Management, Encryption, Reporting and Data Control to simplify management and create new revenue opportunities.

The 6 Biggest Cyber Threats for Financial Services in 2021

According to VMware, the first half of 2020 saw a 238% increase in cyberattacks targeting financial institutions. And according to IBM and the Ponemon Institute, the average cost of a data breach in the financial sector in 2021 is $5.72 million. Based on these statistics, if you're in the financial services sector, there's a very high chance that you'll eventually fall victim to a very costly cyberattack.

What are PECR? Securing electronic communications in line with the latest requirements

Any organisation that sends electronic marketing communications via phone, fax, email or text, uses web cookies, or provides communications services to the public falls under the PECR’s scope, and must be aware of its information security requirements.

2022 Cybersecurity predictions

In 2020, we saw cybersecurity move from a technical problem to become a business enabler. In 2022, we will see 5G go from new technology to a business enabler bringing previously unimaginable use cases because of its high bandwidth and lower latency. Data from the current AT&T Cybersecurity Insights Report shows that 5G technology is being driven by the line of business and has been siloed between IT and OT organizations.

What is Your Security Strategy for 2022? 3 Ways to Keep Up With the Threat Landscape

Digital transformation was well underway before the pandemic and in order to enable remote work and e-commerce, organizations have been adding new digital offerings at an unprecedented rate. Businesses are growing increasingly reliant on digital infrastructure with the expectation to secure a shifting cloud while managing a hybrid workforce and a growing IoT.

What vulnerabilities and security issues plague web and mobile apps?

The 2021 Software Vulnerability Snapshot report uncovers the issues impacting web and mobile apps and what AppSec tools and activities can minimize risks. One of the most compelling reasons organizations use third-party application security testing is to extend their own software security testing capability when circumstances make adding new resources problematic. That’s certainly the case in today’s pandemic environment.

Cyber Monday: Three Critical Cloud Components for Retail Vendors

As we embark on another holiday season in the United States, we are being told to start our holiday shopping even earlier this year to avoid some of the delays in shipping. These slowdowns stem from a number of factors, including container shortages, Covid-19 outbreaks that backlogged ports, and a dearth of truck drivers and warehouse workers. Even without the shortages and slowdowns, retailers are in for a long holiday season ahead of them as sales are predicted to grow by 7% this holiday season.

Beware the Data Ditch!

More than half of businesses are in the “Data Ditch”. More than half of businesses have started to invest in their Data Maturity and have begun to make smarter, wider use of their data. And by more than 10 metrics of business performance, they are worse off than if they had not bothered. Meanwhile, a third of businesses have come out the other side and have seen dramatic upticks to their performance.

The 8 Biggest Data Breaches in Financial Services (2021 Edition)

Cybercriminals choose their targets based on two conditions - maximum impact and maximum profit. Financial institutions perfectly meet these conditions because they store highly valuable data, and their digital transformation efforts are creating greater opportunities for cyber attackers to access that data. This is why the financial sector is disproportionately targeted by cybercriminals, behind healthcare.

Lookout CASB Named a Major Player in 2021 IDC MarketScape Cloud Security Gateways

I am excited to share a major milestone for our company: the Lookout Cloud Access Security Broker (CASB) has been named a Major Player in the 2021 IDC MarketScape Worldwide Cloud Security Gateways (CSG) Vendor Assessment (Doc # US48334521, November 2021). When Lookout acquired CipherCloud back in March 2021, the two companies came together with a mission to build a platform that provides intelligent Zero Trust access by leveraging in-depth telemetry from endpoint to cloud.

Preparing for the SOC of the Future, Today? We've Got You Covered

Last week, we announced v5 of the ThreatQ platform with capabilities needed today to support the security operations center (SOC) of the future. SOCs have been maturing and evolving into detection and response organizations, a transformation that Gartner anticipated back in 2013 and deemed a requirement for this decade. I’m proud that ThreatQuotient has consistently been at the forefront of innovating and delivering what the SOC of the future needs.

3 Trends in eTMF Adoption After COVID-19

The TMF Summit, a clinical documentation management conference hosted by industry observer Fierce Biotech, was held in late October in New Orleans. There was plenty of talk about familiar topics such as data quality and integrity, as well as data submission workflows and monitoring. But what stood out this year was how the pandemic continues to reshape the industry.

Hands-On Muhstik Botnet: crypto-mining attacks targeting Kubernetes

Malware is continuously mutating, targeting new services and platforms. The Sysdig Security Research team has identified the famous Muhstik Botnet with new behavior, attacking a Kubernetes Pod with the plan to control the Pod and mine cryptocurrency. A WordPress Kubernetes Pod was compromised by the Muhstik worm and added to the botnet. Various types of crypto miners, like xmra64 and xmrig64, were deployed and executed on the Pod.

Proactively fixing vulnerabilities to maintain Java security and project hygiene with Snyk

As a developer, I spend a lot of time in my GitHub account. I write apps, little utilities, and proof of concepts for when I am learning something new. I like to think that, because I spend a lot of time on GitHub, the overall health of my account is pretty high.

Corelight & Microsoft Defender for IoT: Through an XDR lens

What is the XDR paradox? It’s the hottest term in security but there is no consensus yet on the right definition. Why is that? Many organizations have deployed EDR and are benefiting from it, but also looking to the gaps that EDR can’t address such as unmanaged / compromised devices or network-centric TTPs. Likewise, many vendors of EDR/SIEM products have realized they have the same general workflow (analyze data, present an alert, triage it, etc).

Introducing The Complete Security Awareness Plan and Strategy Guide

Arctic Wolf security awareness program experts—who created security awareness programs for Disney, Sony, as well as our Managed Security Awareness solution—recently produced The Complete Security Awareness Plan and Strategy Guide to help you evaluate and elevate your own security awareness program.

Why you need a layered security approach for protecting your data in today's threat landscape

Data is the lifeblood of any organization, and thanks to digital transformation, data can be shared easily among many users within and across organizations. Organizations store as well as transmit large amounts of sensitive data and information. As more and more data exchange happens, risks and threats also increase. The average cost of a data breach was $3.86 million and surprisingly the average time to identify and contain a breach was a staggering 280 days.

Detecting Remcos Tool Used by FIN7 with Splunk

We decided to try to run a well-known Remote Access Trojan (RAT) called Remcos used by FIN7. This tool has been around for some time and has a reputation for being stealthy and effective in controlling compromised hosts. Sold as a remote computer monitoring tool, this tool has plenty of features that can allow an operator behind the control to do multiple operations against a compromised system.

What is Static Application Security Testing (SAST) and how does it work?

Static Application Security Testing (SAST), or static analysis, is a method of testing and analysing source code. This method allows organisations to analyse their source code and detect vulnerabilities that could make their applications prone to attacks. This methodology has been used in application security for over 15 years and is especially useful for helping developers spot possible security weaknesses in the early stages of software development.

Why You Should Build an Agile, Integrated Construction Tech Stack

When it comes to construction technology, one size doesn’t necessarily fit all. Businesses often have different needs that require different tools to automate established processes, or standard operating procedures (SOPs). This creates a problem, however, because decision makers have to sift through the available technologies—and the depth and breadth of what processes they can cover—to find the right solution.

What is Common Vulnerability Scoring System (CVSS)?

Given the large and growing number of cyber attacks that exploit software vulnerabilities, vulnerability management is critical. A variety of unintended consequences can result from misjudging the severity of an existing vulnerability. Legal battles, financial losses, and reputational damage are all possible outcomes for a business. To combat today's modern cyber security challenges, it's critical to have a vulnerability management program in place.

Remote Work and Cybersecurity in the Legal Industry: What to Know

The COVID-19 pandemic changed many aspects of how businesses operate, remote work being one of the most significant. At the outbreak’s peak, 71% of American workers telecommuted at least part-time, 62% of whom rarely worked remotely before. This shift has impacted many industries, but the legal sector faces more disruption than most. Legal work rarely happened over telecommunication services before the COVID-19 pandemic.

What Is a Cybersecurity Incident Response Plan?

Global cyberattacks increased by 29 percent in the first half of 2021 compared to 2020, and we can assume that cybercriminals and hackers won’t stop their malware and ransomware attacks any time soon. A strong cybersecurity strategy is vital to reduce losses from those attacks, and a robust incident response plan should be a part of that strategy.

Top Vendor Tiering Strategies to Mitigate Cybersecurity Risks

All organizations rely on vendors to function in today’s dynamic landscape while achieving peak operational efficiency, cost-effectiveness, and economies of scale. A growing third-party network can yield significant benefits for organizations — but it also results in greater risk.

SOC 2 vs. SOC 3 Compliance: What's the Difference?

According to a Pew survey in 2019, 70 percent of American adults believed at the time that their data was less secure than it had been five years prior. Now consider that a pandemic followed, along with major data breaches at the likes of Microsoft and others. One can safely assume Americans are even less confident about the security of their data today.

Introducing NextLabs' SkyDRM 2021

NextLabs announced the release of Digital Rights Management (DRM) Platform SkyDRM 2021 on November 15th, 2021. The latest version of the enterprise DRM platform employs dynamic authorization and centralized policy management to protect shared files and streamline collaboration between enterprises. SkyDRM fills a critical need to safeguard information sharing for companies with needs to exchange trade secrets and crown jewel data with external users and business partners.

Build Trust In Your Software | Synopsys

Digital transformation is reshaping the way organizations operate. Whether you’re one of the thousands of companies that sell software, or one of the millions that use software to run your business, your ability to innovate and deliver value to your customers is powered by secure, reliable software. See why trust matters with Synopsys.

Overview of Popular Dashboards

Use pre-built dashboards as a starting point to visualize risk. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data-centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

As ransomware attacks rise, US government advice to protect K-12 schools is "vastly outdated"

A recently published report from the US Government Accountability Office (GAO) has warned that official security guidance from the Department of Education is out-of-date, and needs to be refreshed to address the increasing reports of ransomware and other cyber threats.

Enhancing AT&T SASE with Palo Alto Networks 'as a Service'

A few months ago, I wrote a blog on “SASE as a Service” that described how managed services providers (MSPs) can be a catalyzing force for transforming to SASE and bridging the gap between networking and security teams. Since then, AT&T has released a series of managed SASE offers that bring together intelligent networking and cloud-based security in support of our customers.

Glance at 2020-21 eKYC mandates: Milestones India achieved on its digital journey

As India embraces digital transformation and adjusts to a post-pandemic lifestyle, working from home, shopping online, and managing money digitally have become routine for us. This quick shift in the industry wouldn’t have been possible without quick regulatory advancements by the government. With convenience given priority, critical functions like opening a bank account, lending, and large transactions are now possible at our fingertips.

SECUDE and Turnkey Announce Strategic Technology Partnership

LUCERNE, NOVEMBER 2021: SECUDE, an established global security solutions provider offering innovative data protection for users of SAP and CAD/PLM software is pleased to announce the recently formed competency partnership with Turnkey Consulting Ltd., the world’s Risk, Identity, and Security specialists.

Getting started with runtime security and Falco

Discover how to get started with Falco to overcome the challenges of implementing runtime security for cloud-native workloads. If you are adopting containers and cloud, you are probably enjoying benefits like automated deployments and easier scalability. However, you may also find that when it comes to security, this is a whole new world with new rules, and traditional security tools struggle to keep up. As a new paradigm, cloud-native environments need new cloud-native tools.

Meeting ISO Third-Party Risk Management Requirements in 2021

ISO 27001 is the most popular internationally recognized standard for managing information security. Its creation was a joint effort between the International Organization for Standardization (ISO), and the International Electrotechnical Commission (IEC) - this is why the framework is also referred to as ISO/IEC 27001. ISO 27001 can also be implemented into a Third-Party Risk Management program.

15 Ways to Reduce Cybersecurity Risks

Organizations are increasingly concerned about cybersecurity risks, and with good reason. Risks are constantly changing. Take this last year, for example: the pandemic lockdown meant many knowledge workers went remote, which in turn increased the vulnerability of remote desktop services by 40%, saw criminals targeting end-users, and caused phishing and ransomware scams to boom. And then there’s the bottom line.

AppSec during hypergrowth: Empower your developers to overcome the tech talent shortage

Many high-growth technology startups are pressured to deliver applications to market ahead of fast-moving competitors. It’s all too easy to allow a “we’ll get to that eventually” mentality to creep in when competing priorities appear to force a tradeoff with development velocity. This introduces unnecessary risks, but they can be mitigated by implementing an effective AppSec program that involves the right tools, processes, and mindset.

Veracode Named Top 100 Women-Led Business in Massachusetts by the Commonwealth Institute and The Boston Globe

Veracode was recently recognized by the Commonwealth Institute and Boston Globe Magazine as a Top 100 Women-Led Business in Massachusetts. The honor, which was awarded to Veracode’s CEO, Sam King, is given to female leaders across multiple industries who are at the helm of Massachusetts’ most noteworthy companies.

Spreadsheets are Not the Solution

These days, regulators and auditors are inspecting risk management, regulatory mandates, cybersecurity, vendor management and other areas like never before. With so many organizations across various industries having to pay massive fines for non-compliance, it’s become obvious that manually performing governance, risk management and compliance (GRC) activities isn’t only risky — it just doesn’t work.

When Technology Matters, ForgeRock Shines

On the heels of Gartner®’s recently published Magic Quadrant™ for Access Management, the Critical Capabilities report is now out. This year, ForgeRock is recognized by Gartner® as the highest scorer for the External Use Case and second in both Internal and Application Development Use Cases. Critical Capabilities is the product functionality and technical comparison research that complements Gartner’s Access Management MQ.