Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

PIM vs PAM: What's the Difference?

The main difference between Privileged Identity Management (PIM) and Privileged Access Management (PAM) is their varying focuses. PIM ensures that users have necessary access based on their identity, while PAM stops unauthorized users from accessing sensitive information. Continue reading to learn more about PIM and PAM, in addition to what distinguishes them from each other.

How to Prevent Cyber Attacks: Strategies and Best Practices

In today’s digitally connected world, any organization with digital assets and internet access is vulnerable to cyberattacks. That reality has become all too pervasive in recent years. While it may not be part of your business plan, protection against cyber attacks must be a high priority. Keeping your business safe from attack should be a shared objective across all areas of the organization.

BDRSuite Beta Release: Exciting New Features for Proxmox Environment, Including Proxmox Cluster Backup Support

BDRSuite has taken a significant step forward with its latest beta release, focusing on expanding backup support for Proxmox cluster environments. This beta version introduces several powerful features designed to enhance the flexibility and efficiency of backup and recovery processes.

Understanding Drive-by Download Attacks

An employee at a large organization is doing research for a client and clicks on what they believe is a legitimate website. What they don’t realize is, while they’re browsing, malware in the form of a Trojan virus is swiftly downloading onto their endpoint. The Trojan jumps from the endpoint into the organization’s network, and suddenly, their cybersecurity system rings alarms as ransomware takes hold in the environment.

Attackers Abuse URL Rewriting to Evade Security Filters

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security. URL rewriting is a security technique used by many email security platforms to analyze links in emails to verify their safety before users are allowed to click on them. However, this technique can also be abused to mask the original phishing link.

The Key Advantages of Implementing Security Analytics

Taking proactive actions regarding the security of your systems is a fundamental part of all organizations. It's impossible to predict what cyber attacks or incidents your organization may face but there are solutions and options available to you that assist in detecting threats before they can impact your organization. One of these valuable solutions is security analytics.

SenseOn MDR vs. SocGholish: A Technical Analysis

In February of 2024, SenseOn was contacted to assist with investigating suspicious activity on a customer’s estate. SenseOn analysts quickly identified a malware infection and identified the variant as SocGholish. This blog will showcase SenseOn’s detection and response capabilities against the malware and a breakdown of SocGholish’s techniques and that of the threat actor observed.

Docker Zombie Layers: Why Deleted Layers Can Still Haunt You

Docker Zombie Layers are unreferenced image layers that continue to exist for weeks in registries, even after being removed from a manifest. In this hands-on deep dive, we explore how these layers can persist in registries and why ensuring the immediate revocation of exposed secrets is critical.

Jonathan Freedman Appointed Head of Information Security at The Cyber Helpline

We are excited to announce that Jonathan Freedman has joined The Cyber Helpline as our new Head of Information Security. With over two decades of experience in Information Technology, Enterprise Architecture, and Cybersecurity, Jonathan is dedicated to safeguarding the digital landscape. He currently serves as the Head of Information Security at London law firm Howard Kennedy, where he leads the Cybersecurity Team.

SOX Compliance: What Is It and What Are the Requirements?

Unfortunately, it will often take some kind of disaster in the business world before a government takes action to prevent it from happening again. It’s only when significant data breaches happen that states implement compliance laws to avoid mishandling data; in this case, SOX compliance has a similar backstory. In the early 2000s, the collapse of corporate giants Enron, Tyco, and WorldCom exposed flaws in corporate accountability, leading to widespread fraud and massive investor losses.