Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With the constant threat of cyber attacks against corporations of all sizes, last week the U.S. Securities and Exchange Commission (SEC) introduced new cybersecurity disclosure rules to ensure greater transparency and accountability for publicly traded companies.

In modern network environments focused on cloud technology, organizations have undergone a significant transformation in the development and deployment of their IT assets. The introduction of cloud technology has simplified and expedited the deployment process, but it often lacks centralized change management. The cloud's shared responsibility model enables quick deployment and scaling but can pose security risks if not properly managed and understood.

A good way to manage several passwords at once is by using a password manager. A password manager is a tool that aids users in creating, managing and securely storing all their passwords and sensitive data. Continue reading to learn the importance of managing passwords and how you can manage several passwords at once with a password manager.

Over the last decade, many vulnerabilities were initially perceived as critical or high but later deemed less important due to different factors. One of the famous examples was the “Bash Shellshock” vulnerability discovered in 2014. Initially, it was considered a critical vulnerability due to its widespread impact and the potential for remote code execution.

A cybersecurity risk assessment is an examination of an organization or potential vendor’s current technology, security controls, policies, and procedures and which potential threats or attacks could affect the company’s most critical assets and data. Organizations can use cybersecurity risk assessments to understand their ability to protect sensitive data, information, and critical assets from cyber attacks.

Data breaches loom large for organizations big and small. On top of being incredibly time-consuming, they can lead to legal damages, shattered customer trust, and severe financial fallout—and that’s just the tip of the iceberg. ‍ ‍ Laws and technologies are constantly evolving, which means that, in turn, security strategies must always adapt to keep up.

On May 29 2023, the Cybersecurity Division of the Commerce and Information Policy Bureau of the Ministry of Economy, Trade and Industry of Japan (METI) released an introduction guidance on Attack Surface Management (ASM) as a response to the increased cyber threats as a result of companies’ rapid digital transformation has led to a dynamic and growth of their internet footprint and possible attack vectors.

While there have been many intrusions, compromises, breaches, and incidents that have made news in the IT and InfoSec industries throughout 2022 and into this year, when events or threats like Storm-0558 gain coverage by mainstream media, we often get questions about Corelight’s ability to detect threats through our sensors, products & platform.

Major businesses from around the world are losing valuable login credentials at a rapid rate. Huge corporations are going through applications with platforms like Hubspot, Salesforce, AWS, Google Cloud Platform, DocuSign, and so many others, and during the process, they are losing valuable login credentials. Huge numbers of businesses are being compromised by hackers looking at these many different services, and it's becoming a very real problem that most companies aren't talking about today.

Brandjacking refers to the malicious act of using a brand’s identity to deceive or defraud customers. It usually involves impersonating a reputable brand to gain unauthorized access to sensitive information or exploit the trust associated with the brand. Attackers often leverage the reputation of well-known brands using social engineering techniques, phishing emails, fake websites, and malicious packages in open source repositories.