2022 saw a lot of successful law enforcement operations tackling online fraud, phishing, malware, and other cyber threats. Here’s the TOP 10 law enforcement agencies most active in fighting cybercrime.
2023 is coming in hot. If you don't want to miss out on this year's best events, you better start planning your conference schedule early. To help you out, I created an overview of my personal top 10 favorite cybersecurity events in 2023 about application security, cloud security, IoT, and all the other topics that currently occupy the cybersecurity world.
In August 2021, threat actors started to exploit ProxyShell vulnerabilities in certain Microsoft Exchange Server versions. Today, not only is Kroll seeing actors continue to leverage ProxyShell in larger network intrusions but also now organizations must also be on guard for the so-called ProxyNotShell vulnerabilities, which surfaced in September 2022.
We can probably all agree that we’re living in a state of permacrisis right now. After grappling with Covid-19, the world has been rocked by volatile stock markets, record-setting inflation, and the ongoing conflict in Ukraine. No wonder Collins Dictionary chose permacrisis as its word of the year for 2022.
Identity and access management (IAM) is an integral part of security systems. Without proper authentication and authorization, it would be impossible to practice cybersecurity principles such as zero trust and least privilege. By now, most organizations have a firm grasp on the identity part of IAM, including concepts like multi-factor and token-based authentication.
In this episode of The Future of Security Operations podcast, Thomas speaks with Jon Hencinski, Vice President of SecOps at Expel, a company with "a mission to make security easy to understand, easy to use, and easy to continuously improve." Jon is passionate about getting to the root cause of security issues and using strategy to help organizations eliminate problems.
LDAP Nom Nom is a recently discovered brute-force technique for enumerating valid usernames in Active Directory — anonymously and without leaving any log entries behind. It abuses LDAP Ping, a little-known mechanism in Active Directory normally used by computers to check whether a domain controller is alive. This blog post explains how LDAP Ping works and how adversaries can abuse it with LDAP Nom Nom.
SnakeYaml is a well-known YAML 1.1 parser and emitter for Java. Recently, a vulnerability — CVE-2022-1471 — was reported for this package. This vulnerability can lead to arbitrary code execution. The org.yaml:snakeyaml package is widely used in the Java ecosystem, in part because it is packaged by default with Spring Boot in the spring-boot-starter.
When the CrowdStrike Services team conducts a proactive security engagement, such as a Cybersecurity Maturity Assessment or Tabletop Exercise, it often uses CrowdStrike Falcon® Spotlight to identify what vulnerabilities exist in the environment. Unfortunately, this can be a disheartening experience, as many organizations we see have millions, even tens of millions, of unpatched vulnerabilities. It’s typical to see at least a quarter of those listed with a CVSS rating of Critical.
