Back in 2015, we published an article about the third party risks that are introduced into a home network. Now, eight years later, it is a good time to revisit the landscape of the home network. If we think about the technology in most homes in 2015, it was fairly sparse, consisting only of a router with an internet connection. The speed of most home internet connections was well below 100Mbps.
TA569 is a prolific threat actor primarily known for its deployment of website injections leading to a JavaScript payload known as SocGholish. In the past few months, Proofpoint researchers have observed changes in the tactics, techniques, and procedures (TTPs) employed by TA569. Changes include an increase in the number of injection varieties, as well as payloads deviating from the standard SocGholish “Fake Update” JavaScript packages.
Companies nowadays deal with vast amounts of data that are sensitive and to be protected at all times. While measures are adopted by them to ensure the safety of their applications and data, it is prudent to regularly test the efficacy of the adopted security measures.
With the advent of complex technology ecosystems like agile development processes, cloud-native platforms, and the rising use of open-source software, the importance of continuous Security and compliance has increased more than ever. As a result, leaders in the software industry must advise their teams to incorporate developer-friendly security tools into their DevSecOps pipelines.
In an era where high-profile security incidents involving the software supply chain have become all too common, the need for robust tools and practices to secure the software we rely on has never been more evident. One crucial aspect of ensuring supply chain security is package provenance, which allows for the tracking of the origin and authenticity of software packages.
When it comes to securing Active Directory, the first place to start is usually getting a handle on what currently exists - getting a ‘lay of the land,’ so to speak. In Active Directory, the admincount attribute can play a role in identifying privileged accounts. It’s not without its faults, however. In this blog, we will explore the admincount attribute in more detail and potential uses it may have for determining which accounts may have or had privileged access.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. If you are not familiar with Capita, they are one of the big contractor firms that the UK state tends to tender for projects. They don’t have a great reputation, and going by the latest fiasco, it has been shredded.
Over the past few months, our collective fascination with AI has reached unprecedented heights, leading to an influx of information and discussions on its potential implications. It seems that wherever we turn, AI dominates the conversation. AI has captivated the imaginations of tech enthusiasts, researchers, and everyday individuals alike. At the tender age of 11, I received my very first computer, the legendary ZX Spectrum. Looking back, it's hard to believe how much has changed since then.
In today’s rapidly evolving digital landscape, organizations not only seek out, but need to harness the power of emerging technologies to stay ahead of the competition. Two of the most promising trends in the tech world are generative AI and low-code/no-code development. Generative AI, in particular, has generated the majority of the headlines, with seemingly infinite use cases to spur productivity for end users and business.
This announcement presents customers with two choices: Stay on Windows 10 for the time being, or begin planning for an enterprise-wide upgrade to Windows 11. For customers that rely on Microsoft to protect their attack surfaces, migrating operating systems isn’t only an IT decision — it’s also a security decision. Microsoft security features, including Microsoft Defender, are delivered as built-in components of Microsoft operating systems.
