Just like a snagged strand can ruin your garment, overlooking the security of machine identities can tear the very fabric of Zero Trust that protects your organization from bad actors. As a quick refresher, Zero Trust operates on the principle that no entity inside or outside the network perimeter is trusted by default. As we usher in an era where the traditional network perimeter has dissolved due to cloud services, remote work and mobile access, the necessity for Zero Trust becomes even more pronounced.

With new identities, environments and attack methods dominating today’s threat landscape, cybersecurity leaders are hyper-focused on securing identities to safeguard enterprises. However, a glaring, high-touch security gap exists that threat actors actively exploit to steal confidential data. And unsuspecting as it seems, that gap lies in the most used enterprise application of all time – the web browser.

Welcome, fellow travelers of the Cosmos! While we may not be traversing the stars on a spaceship, we are all interconnected through the powerful network of blockchains. Unfortunately, just like any technology, vulnerabilities can be discovered and exploited. In this post, we’ll present a critical vulnerability in a Cosmos-SDK blockchain that is explicitly related to the Inter-Blockchain Communication Protocol (IBC).

If the first month-plus of 2024 is any indication, this year is likely to be anything but ordinary in the cybersecurity realm. In January alone, a triad of events unfolded, each more riveting than the last, setting the stage for a year that promises to be as unpredictable as it is exciting. The following recent events have me reflecting on processes and controls that can help you better protect your organization’s most sensitive assets.

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard.

This is the final installment of the blog series “A Deep Dive into Penetration Testing of macOS Applications.” Previously, we discussed the structure of macOS applications and their analysis techniques. Now, we will focus on client-side attacks in macOS applications. In penetration testing, the goal is to identify vulnerabilities in the app. To do that effectively, it’s important to understand how these attacks work. So, let’s dive in and learn more!

A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely to come. These recent events have sent shockwaves throughout the tech community, and for good reason. As we continue to uncover the fallout from these breaches, it has become apparent that the magnitude of the incident is more significant than we first realized.

Left to their own devices, your organization’s devices can be a significant source of risk. Consider operational technology (OT), which is crucial for organizations but is not engineered and operated with a security-first mindset. Often, OT systems are beyond the purview of CISOs and are focused on meeting key objectives for system uptime and efficiency – leaving them vulnerable.

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape.

It’s said that life truly begins when you step out of your comfort zone. Living in California provides me with many options for hiking and trekking, a perfect backdrop for spending time with nature and enjoying it with friends and family. As a hiking and nature enthusiast, I have done many moderately challenging trails in and around the Bay Area – my comfort zone.