%term

The FedRAMP Impact Levels Explained: Low, Moderate, High

Dec 23, 2023 By Max Aulakh In Ignyte

Navigating the federal government’s cybersecurity standards and processes is not easy. Figuring out how to comply with all of the various standards and controls is a lengthy process involving thorough auditing and analysis Mediaof your entire organization from top to bottom. When government contracts and sensitive information is at stake, though, it’s all taken very seriously. Today, we’ll talk about the FedRAMP impact levels and explain each one.

Read Post

Ignyte

Read more about The FedRAMP Impact Levels Explained: Low, Moderate, High

Five worthy reads: Fight off the multi-factor authentication (MFA) fatigue

Dec 22, 2023 By General In ManageEngine

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we explore multi-factor authentication (MFA) fatigue attacks, what needs to be addressed to combat them and secure user data, and the roadmap to a positive identity and access management. The attack sprees never end, do they? Protecting user accounts from being compromised by hackers has always been a priority.

Read Post

ManageEngine

Read more about Five worthy reads: Fight off the multi-factor authentication (MFA) fatigue

The Features and Benefits of a Secure Virtual Data Room

Dec 22, 2023 By SecuritySenses In SecuritySenses

Learn how secure virtual data rooms safeguard confidential documents, boost efficiency, and streamline collaboration, from sensitive document control to effortless integration.

Read Post

SecuritySenses

Read more about The Features and Benefits of a Secure Virtual Data Room

The Howler Bonus Episode - Mental Health & Wellbeing Roundtable

Dec 22, 2023 By Arctic Wolf In Arctic Wolf

In this bonus episode, pack members from around the globe have a conversation about what it looks like for them personally to prioritize mental health and wellbeing. Interested in running with the pack? Explore careers at Arctic Wolf—one of the fastest-growing and exciting cybersecurity companies in the world, to learn about how you can join our Pack, create impact, and influence what’s next in security operations.

View Video

Arctic Wolf

Read more about The Howler Bonus Episode - Mental Health & Wellbeing Roundtable

Decoding Ransomware's Code of Conduct: Surprising Rules of Engagement & the Robin Hood Twist #crypto

Dec 22, 2023 By Razorthorn In Razorthorn

Dive into the intriguing world of cybersecurity as we explore the surprising ethical guidelines followed by ransomware groups in this eye-opening video. It's crazy, but many of these cybercriminals adhere to a set of Rules of Engagement, steering clear of unthinkable targets like children's hospitals. While some still cross the line, a remarkable instance emerged when a ransomware group, upon realizing they had hit a kids' hospital, apologized and handed over the decryptor – a Robin Hood-esque gesture in the digital realm.

View Video

Razorthorn

Security

Read more about Decoding Ransomware's Code of Conduct: Surprising Rules of Engagement & the Robin Hood Twist #crypto

Weekly Cybersecurity Recap December 22

Dec 22, 2023 By Steven In IDStrong

This week was devastating for data breaches. Across the US, cybercriminals stole the information of 58.4 million consumers, patients, and students. Our reports began in West Virginia, where the MOVEit breach cannibalized another 495k records from 17 hospitals. Soon after, Mr. Cooper’s breach appeared with more information about their October event—14.7 million homeowners had their data stolen.

Read Post

IDStrong

Read more about Weekly Cybersecurity Recap December 22

SIEM, Simplified

Dec 22, 2023 By The Graylog Team In Graylog

Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects: Coined in 2005 by Amrit Williams and Mark Nicolett of Gartner, the term SIEM now serves as a synonym for the gathering, analyzing, and presenting network and security information as well as external threat data and vulnerability management.

Read Post

Graylog

Read more about SIEM, Simplified

Have your data and hide it too: An introduction to differential privacy

Dec 22, 2023 By Pierre Tholoniat In Cloudflare

Many applications rely on user data to deliver useful features. For instance, browser telemetry can identify network errors or buggy websites by collecting and aggregating data from individuals. However, browsing history can be sensitive, and sharing this information opens the door to privacy risks. Interestingly, these applications are often not interested in individual data points (e.g.

Read Post

Cloudflare

Read more about Have your data and hide it too: An introduction to differential privacy

Xfinity Writhes; 36 Million Records Breached via Vendor Vulnerability

Dec 22, 2023 By Steven In IDStrong

Xfinity is the name of Comcast Communications’ internet, TV, and phone service; it is the most significant cabled internet service in the states, with more than 32 million residential customers. Available in 39 contiguous states and the capital, the service provides communication solutions for individuals, companies, institutions, and clinical networks. Xfinity’s vast influence has made them a target for cybercriminals.

Read Post

IDStrong

Read more about Xfinity Writhes; 36 Million Records Breached via Vendor Vulnerability

Hunting for Android Privilege Escalation with a 32 Line Fuzzer

Dec 22, 2023 By Trustwave In Trustwave

Trustwave SpiderLabs tested a couple of Android OS-based mobile devices to conduct the research on privilege escalation scenarios. Specifically, we wanted to show a straightforward process attackers may use to exploit vulnerabilities in an Android device’s system services and systems. The testing revealed that, in some cases, exploiting the issues we found were very easy.

Read Post