Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2024

How Time, Entitlements and Approvals (TEA) Can Secure the Keys to Your Cloud

A popular topic of conversation in my day-to-day work is how to secure privileged access to cloud management consoles and workloads. And that’s no surprise, considering more and more applications and workloads are migrating to the cloud. Up until recently, the answer has typically been clear when it comes to identity security and privileged access management (PAM). It’s simple: first, you manage credentials by securing them in a vault. The next step is to rotate them.

Why Machine Identities Are Essential Strands in Your Zero Trust Strategy

Just like a snagged strand can ruin your garment, overlooking the security of machine identities can tear the very fabric of Zero Trust that protects your organization from bad actors. As a quick refresher, Zero Trust operates on the principle that no entity inside or outside the network perimeter is trusted by default. As we usher in an era where the traditional network perimeter has dissolved due to cloud services, remote work and mobile access, the necessity for Zero Trust becomes even more pronounced.

Enterprise Browser: The Gateway to Securing All Identities

With new identities, environments and attack methods dominating today’s threat landscape, cybersecurity leaders are hyper-focused on securing identities to safeguard enterprises. However, a glaring, high-touch security gap exists that threat actors actively exploit to steal confidential data. And unsuspecting as it seems, that gap lies in the most used enterprise application of all time – the web browser.

The Hacker's Guide to The Cosmos (SDK): Stealing Millions from the Blockchain

Welcome, fellow travelers of the Cosmos! While we may not be traversing the stars on a spaceship, we are all interconnected through the powerful network of blockchains. Unfortunately, just like any technology, vulnerabilities can be discovered and exploited. In this post, we’ll present a critical vulnerability in a Cosmos-SDK blockchain that is explicitly related to the Inter-Blockchain Communication Protocol (IBC).

EP 46 - Behind the Data Breach: Dissecting Cozy Bear's Microsoft Attack

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard.

CIO POV: 3 Considerations as the 2024 Cyber Roller Coaster Gathers Speed

If the first month-plus of 2024 is any indication, this year is likely to be anything but ordinary in the cybersecurity realm. In January alone, a triad of events unfolded, each more riveting than the last, setting the stage for a year that promises to be as unpredictable as it is exciting. The following recent events have me reflecting on processes and controls that can help you better protect your organization’s most sensitive assets.

A Deep Dive into Penetration Testing of macOS Applications (Part 3)

This is the final installment of the blog series “A Deep Dive into Penetration Testing of macOS Applications.” Previously, we discussed the structure of macOS applications and their analysis techniques. Now, we will focus on client-side attacks in macOS applications. In penetration testing, the goal is to identify vulnerabilities in the app. To do that effectively, it’s important to understand how these attacks work. So, let’s dive in and learn more!

APT29's Attack on Microsoft: Tracking Cozy Bear's Footprints

A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely to come. These recent events have sent shockwaves throughout the tech community, and for good reason. As we continue to uncover the fallout from these breaches, it has become apparent that the magnitude of the incident is more significant than we first realized.

Securing Database Access: DPA Zero Standing Privilege Approach with Native pgAdmin Utility

In this video, we'll guide you through the process of utilising CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the PGadmin client, leveraging the secure foundation of JIT access approach for enhanced security and efficiency.

Redefining PAM to Secure OT and IoT Devices

Left to their own devices, your organization’s devices can be a significant source of risk. Consider operational technology (OT), which is crucial for organizations but is not engineered and operated with a security-first mindset. Often, OT systems are beyond the purview of CISOs and are focused on meeting key objectives for system uptime and efficiency – leaving them vulnerable.

EP 45 - OT Security's Digital Makeover

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape.

Securing Database Access: DPA Zero Standing Privilege Approach with Native HeidiSQL Utility

In this video, we'll guide you through the process of utilizing CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the HeidiSQL client, leveraging the secure foundation of JIT access approach for enhanced security and efficiency.

CyberArk Endpoint Privilege Manager & ServiceNow Integration

In this video, we delve into the seamless integration of CyberArk Endpoint Privilege Manager and ServiceNow IT Service Management. Discover how this integration streamlines and automates end user privilege elevation requests by leveraging existing ServiceNow workflows. By enhancing security measures and operational efficiency, this collaboration between CyberArk and ServiceNow marks a significant advancement in managing and securing privileged access. Watch now to learn more about this powerful integration.

Securing Database Access: DPA Vaulted Account Approach with Native PGadmin Utility

In this video, we'll guide you through the process of utilising CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the PGadmin client, leveraging the secure foundation of Vaulted Accounts for enhanced security and efficiency.

Securing Database Access: DPA Vaulted Account Approach with Native HeidiSQL Utility

In this video, we'll guide you through the process of utilising CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the HeidiSQL client, leveraging the secure foundation of Vaulted Accounts for enhanced security and efficiency.