Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2022

Remote Users - Protect Data within Managed Apps

Organizations need to maintain security controls on corporate data regardless of where the users work location. When uploading content to a cloud storage provider, the Lookout SSE platform can help direct users to use corporate providers instead of personal. And when data is downloaded locally, the Lookout platform can protect the data outside of the managed app through encryption.

Remote Users - Protection from Internet-Based Threats

When working remotely, users are susceptible to Internet-based threats like phishing and malware. With the Lookout Security Service Edge (SSE) platform, organizations can prevent the loss of personal information and the installation of malware by assessing each link a user tries to access, regardless of what doc or app contains the link.

Keeper One-Time Share for Android

Keeper "One-Time Share" provides time-limited, secure sharing with anyone, even if they don’t have a Keeper account. One-Time Share is the most secure way to send confidential information to a friend, family member or co-worker without exposing sensitive information in plain text over email, text message or messaging. To share a record using One-Time Share on an Android device, select the record and tap Share. From the options, select One-Time Share. Next, tap the One-Time Share icon in the lower right corner of your screen and select your preferred record access expiration.

Instant Zero-Trust Access to Remote IT Infrastructure

Tired of the latency, availability and reliability issues of VPNs and legacy remote desktop tools? Keeper Connection Manager (KCM) provides DevOps and IT teams with effortless access to RDP, SSH, database and Kubernetes endpoints through a web browser on any device. Watch this webinar to learn more about KCM and how you can grant access to privileged systems without exposing login credentials. During the webinar, Zane Bond, Sr. Director of Product Management, will cover.
Arctic Wolf

CVE-2022-28219: Trivial PoC Exploit Could Lead to Unauthenticated RCE in ManageEngine ADAudit Plus

On Wednesday, June 29, 2022, Horizon3.ai published a proof-of-concept (PoC) exploit that targets CVE-2022-28219, a critical attack chain that includes unauthenticated XML External Entities (XXE), Java deserialization, and path traversal vulnerabilities that could lead to remote code execution (RCE) if successfully chained together. CVE-2022-28219 impacts Zoho’s ManageEngine ADAudit Plus builds prior to 7060. ManageEngine patched CVE-2022-28219 on March 30, 2022.

Remote Users - Protect Confidential Information

Greater care should be taken when transferring corporate data onto a remote user's managed endpoint. Certain types of data often require greater levels of authorization to leave the confines of the organization and managed app. When trying to download confidential information, we want to reverify the user's identity with step-up authentication. When the file is downloaded, in addition to file encryption, we also want to add a watermark and redact the confidential information.
Bionic.ai

Top 10 ASPM Capabilities that Solve Real Security Problems

ASPM is a hot new technology that organizations and analysts are investigating and researching. They are reading vendor reports, social media posts, and even blogs like this one to try and educate themselves on ASPM. Even with this research, there are still questions and confusion about ASPM. A common question I have often heard is, “What the heck does ASPM do for me?” The goal of this blog is to answer this question.

mend

Attacker Floods npm With Crypto-Mining Packages that Mine Monero When Installed with Default Configuration

Monero (XMR) is an open-source, privacy-oriented cryptocurrency that was launched in 2014. It uses a public distributed ledger containing technology that obscures transaction details to ensure the anonymity of its users. Monero maintains egalitarian mining, allowing anyone to participate. As tempting as it may seem, some go a step further and use the infrastructure of others to participate in mining. Cryptocurrency mining was originally performed using CPUs, and Monero was no different.]

sysdig

Adapting security to Amazon EKS Anywhere on Bare Metal

Amazon EKS Anywhere (EKS-A) on Bare Metal is a new deployment option for Amazon Elastic Kubernetes Service that launched this week. Why bare metal? In the age of the cloud it would seem to go against “best practices.” On the contrary. While we tend to overuse the term, “hybrid cloud,” it is a real thing. Enterprises come in all shapes and sizes — and so do their compute choices and privacy requirements.