Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Strong passwords are more important than ever in 2024 because they are the first line of defense against cyber attacks. While some companies have started to introduce passkeys to strengthen and expedite the login process, strong passwords are still needed when creating most accounts. A passkey replaces a username and password and has built-in Multi-Factor Authentication (MFA) by design. Strong passwords have been the foundation of any account, and in 2024, they will remain important.

In 2023, Amazon Prime Day totaled $12.9 billion in sales in only 48 hours. With limited-time deals, many Amazon users get ready to shop during Prime Day and scammers use this to their advantage. As you get ready to shop, it’s important to be aware of the scams that take place before, during and after this event. Some common scams to look out for during Amazon Prime Day include phishing scams, spoofed Amazon websites and deals from other websites that seem too good to be true.

On July 8th, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI) along with several international partners issued an urgent advisory outlining a People’s Republic of China (PRC) state-sponsored cyber group targeting Australian and U.S. enterprises.

Effective identity and access management (IAM) is crucial to both data security and regulatory compliance. Closely governing identities and their access rights is vital to ensuring that each individual has access to only the business systems, applications and data that they need to perform their roles. IAM reduces the risk of accidental data exposure or deletion by account owners, while also limiting the damage that could be done by a malicious actor who compromises a user account.

A vital component of any cybersecurity strategy is robust identity and access management (commonly known by the IAM acronym). This article explains the core elements of an effective IAM implementation and their benefits. Then, it takes a deeper dive into one of those components, role-based access control (RBAC). Finally, it offers a modern IAM tool to consider that can support your organization in adopting a Zero Trust security model.

Jay Jacobs and I recently delivered an RSA presentation called Quantifying the Probability of Flaws in Open Source. Since many people didn’t get a chance to see it, I thought I’d summarize some of the findings here for posterity. The question we investigated was simple, at least conceptually: what are the red flags of an open-source repository? Are there characteristics of a given open source library that would reliably indicate it was safer than others?

Financial Business and Consumer Solutions (FBCS) was founded in 1982 as Federal Bond Collection Services and currently has over 100 employees. Based in Pennsylvania, the name was later changed in 2014. The company is a licensed debt collection agency offering specialized solutions for creditors across various product verticals to meet their diverse needs. Such creditors include those playing in healthcare, consumer credit, utilities, auto, and education services.

Today, the Splunk Threat Research Team is thrilled to introduce ShellSweepPlus, an advancement in our ongoing mission to combat the persistent threat of web shells. Building upon the solid foundation of its predecessor ShellSweep, ShellSweepPlus is an enhanced version that takes web shell detection to new heights, incorporating cutting-edge techniques and a multifaceted approach to safeguard your web environments.

The digital landscape is wild--and getting wilder. Research from Rubrik Zero Labs shows that cyber attacks are on the rise, with 94% of organizations reporting a significant attack in the last year. And the attacks are effectively disrupting business, with 62% of those reporting an attack revealing that their systems were compromised. So security teams need to use all of the tools in their toolkits to protect the enterprise.

Cybersecurity is no longer optional but essential for UK businesses of all sizes. Cyber Essentials, a government-backed scheme run by the IASME consortium, offers a robust framework to protect your organisation from the growing threat of cyber attacks. But what exactly is the cost of Cyber Essentials certification, and how can you budget for this crucial investment?