Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Unlocking The Power of Zero with Netskope and Okta

We need to shift how we as security practitioners break the barriers for collective threat awareness across identity touchpoints within cybersecurity. It’s become imperative that we gain the ability to continuously assess user risk with automatic response actions—a shift towards a unified, contextually-driven identity defense.

Your Sender Policy Framework (SPF) Risk Exposure

The Sender Policy Framework (SPF) is an email authentication protocol that specifies email authorization through Domain Name System (DNS) records. When an email is sent through the Simple Mail Transfer Protocol (SMTP), there is no requirement for authorized messages, which means that spammers can forge your domain in their phishing attacks.

How to Transition to a Fully Passwordless Environment With Keeper, Passkeys and SSO

Passwordless authentication is a security method that allows a user to gain access to a system without entering a traditional password. Instead, it relies on alternative means of verification, such as biometric data (like fingerprints or facial recognition), hardware tokens or one-time codes sent to a trusted device.

10 Frequently Asked Supplier Risk Management Questions

Supply chain attacks are increasing. According to KPMG, 73 percent of organizations have experienced at least one significant disruption from a third party in the last three years. These findings underscore the imperative of implementing a supply chain risk management program. But as your vendor portfolio grows, assessing your vendors for cyber risk can seem daunting and raises many questions.

CVE-2023-22515: Critical Privilege Escalation Vulnerability in Confluence Data Center and Server

On October 4, 2023, Atlassian issued a security advisory revealing potential active exploitation of a previously unknown vulnerability (CVE-2023-22515, CVSS: 10) affecting Confluence Data Center and Server instances that are on-premises. This vulnerability can enable an unauthenticated, anonymous remote threat actor to escalate privileges by creating unauthorized Confluence administrator accounts and accessing Confluence instances across multiple versions of Confluence Data Center and Server.

CVE-2023-20101: Critical Authentication Bypass Vulnerability in Cisco Emergency Responder

On October 4, 2023, Cisco published a security advisory disclosing a critical authentication bypass vulnerability (CVE-2023-20101, CVSS: 9.8) in Cisco Emergency Responder. CVE-2023-20101 allows an unauthenticated, remote threat actor to use the root account (which by default has hard-coded credentials that cannot be altered) to log into an affected device.

Put Cloud in the Fast Lane: Why SD-WAN

If routing traffic on your network, managing cloud-based software-as-a-service (SaaS) applications, or general cloud connectivity is becoming more difficult for your IT team to manage, you may be ready for a software-defined wide area network (SD-WAN). SD-WAN is a powerful networking tool that can help you centrally manage your traffic flow, independent of the underlying hardware on your network.

What is Threat Exposure Management?

Staying ahead of cyberattacks and strengthening your organization’s defenses doesn’t happen overnight and can be hard to accomplish without the right tools and cyber strategies. SecurityScorecard’s Threat Intelligence team hosted a webinar that highlights the importance of threat exposure management, its latest trends, and how to implement this framework into an organization’s cybersecurity plan.

How To Detect Man-in-the-Middle Attacks

It is notoriously difficult to detect a man-in-the-middle attack. However, these attacks do have some subtle signs, including landing on obviously fake websites and your internet connection mysteriously becoming unreliable. Additionally, man-in-the-middle attacks often happen on open, unencrypted public networks, so it’s very important to be aware of your online environment at all times.