Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Elon Musk's ascension isn't the first thing to cause waves of scams on Twitter, and it certainly won't be the last. On July 20th of 2022, data belonging to over 5 million Twitter users was put up for sale on the internet underground for $30,000. The FTC reported that we've experienced a recent "gold mine for scammers" and the April bump to a 10,000-character limit (for Twitter Blue) only makes things more interesting.

At the turn of the most recent century, the financial world was in a moment of unregulated growth, which lead to some serious corporate misdeeds in the United States. This presented the opportunity for two senators to enact a new law to ensure accurate and reliable financial reporting for public companies in the US. The result was the Sarbanes-Oxley Act (SOX) of 2002. But what does financial reporting have to do with cybersecurity and IT compliance?

In March 2022, the U.S. Securities and Exchange Commission (SEC) issued a proposed rule, the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, that, if adopted, would require companies to disclose their cybersecurity governance capabilities and the role of the board concerning oversight of cyber risk.

NTLM V1 and V2, and Kerberos are three authentication protocols. These protocols aim to enhance security, especially in the Active Directory environment. Authentication protocols are popular attack vectors. They can help attackers gain access and elevate privileges. It is important to choose the relevant and most secured protocol for your environments and configure it properly. The most veteran protocol among the three is NTLMv1.

Do not allow COM port redirection in RDP is the name of a security setting stated in Windows servers CIS benchmarks/STIGs. A COM port is an I/O interface that enables the connection of a serial device to a computer. In some cases COM ports are called “serial ports”. Most computers are not equipped with COM ports anymore but there are many serial port devices still used in computer networks.

Google’s recent introduction of ZIP top-level domain (TLD) addresses, although well intentioned has ignited a heated debate surrounding the potential cybersecurity risks associated with these domains. On the one hand, the move could make it easier for users to share and download files. For example, a website with the domain name “myfiles.zip” would be easier to remember than a long, complex string of numbers and letters.

As we step into 2023, it becomes crucial for developers and organizations to identify the best code signing certificate providers who can offer top-notch security solutions without compromising affordability. At SignMyCode, we understand the significance of digital signing in safeguarding software applications from tampering, malware injection, and unauthorized modifications.

Fort Worth is the fifth largest city in the state of Texas and approximately the 12th largest in the United States. The city is home to over 900,000 people and maintains a staff of thousands of individuals. The state manages a substantial amount of data in its servers, including public and private information that could be harmful if taken and shared with people online. That's why we were worried when we noted the city was breached, and over 500,000 files were taken.

In an ideal world, organizations should have round-the-clock protection for their corner of cyberspace, and prompt response to cyber-attacks. For this to happen, you’llneed top talent, equipped with sophisticated tools and knowledge of up-to-date security practices. But this is hardly the case for most organizations, meaning most are left vulnerable and seeking security solutions from third parties offering MDR services.

The weaponization of digital trust involves exploiting an application or tool we use in our daily digital life to perform our business or personal tasks for malicious purposes. It is a technique increasingly used by the threat actors to carry out malicious actions such as the delivery of malware or links to phishing pages.