Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SecOps

What Are QR Codes And Are They Dangerous?

QR (quick response) codes were first created in 1994 by an auto company in Japan, Denso Wave. Visually? They look like they were designed by the first inventors of video game graphics. These days you can find them on everything from menus to billboards. Basically, the goal of the QR code is to link an object to a website containing all the information you’d need for that object.

Automatically Update URL Blocklists in Zscaler Using Torq

Blocking access to certain URLs is a simple, effective strategy for protecting users and the network. But, in a world where new and increasingly sophisticated scams seem to appear almost weekly, the task of maintaining that list can become overly burdensome when performed manually. Torq offers a number of ways to automate URL blocklist management, reducing manual effort and speeding up response to new threats.

How to Automatically Suspend Inactive Accounts Using Torq

Contractors, freelancers, and other temporary workers have become essential parts of the modern enterprise. For IT and security teams, these individuals present unique challenges compared to full-time workers—and potential risks. The ‘offboarding’ process for these contractors is often less formal than bringing them on. Meaning, many just stop using their entitlements and accounts without actually closing them. These dormant accounts can pose serious risks to the organization.

CVE-2022-30190 - Updated Guidance for MSDT Remote Code Execution Zero-Day Vulnerability in Windows

On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The actively exploited vulnerability exists when MSDT is called using the URL protocol from a calling application, such as Microsoft Word.

CVE-2022-27511 - Critical Vulnerability in Citrix Application Delivery Management

On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM). The vulnerability allows an unauthenticated user to remotely corrupt an affected system to reset the administrator password at the next device reboot.

Data Eats the World: You'll Consume It Intelligently with the Autonomous SOC

“Software is eating the world.” That phrase entered the high-tech lexicon in 2011, courtesy of Marc Andreessen, co-founder of both Netscape and venture capital firm Andreessen Horowitz. His thesis is proven time and again. If you substitute data for software, it amplifies the power of Andreessen’s observation. Consider the following statistics on how much data is created every day: Technology users alone generate more than 1.145 trillion MB of data every day!

The Pack Looks Back At RSAC 2022

After a two-year hiatus, we couldn’t have been happier to spend the week in the Bay area with our customers, partners, and peers at the RSA Conference. The opportunity to showcase our latest solutions and technologies while connecting with some of the smartest people in the industry is something we’ve missed dearly, and meeting with our customers in person has made the 2022 conference sweeter than ever before.

Top Cyber Attacks of May 2022

Summer is here and phishing season is in full swing. May saw a troubling range of phishing attacks carried out against a wide array of targets, from retirement planners to school systems to national defense. Bundle all of those efforts together with a disturbing ransomware attack on the air travel industry and you have all the evidence you need of the dangers of inadequate cybersecurity at every level.