Vulnerability Remediation Tracking
Vulnerability remediation tracking is one of the important components of cyber security practices. In this blog post, we gathered all the necessary information you must have in regards to this topic.
Security
Weekly Cyber Security News 11/10/2019
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Amazing, if not scary selection of news items this week. However, I’m going to pick out three curious and on the face of it ones that would otherwise fly past without interest. The first, and its a subject that really interests me: How do the scammers succeed at social engineering so frequently? Perhaps we can learn a little bit more from this one.
Thousands of Online Shops Hit by Magecart Attack
Magecart attackers have been collecting sensitive information from thousands of online stores after compromising top eCommerce platform and payment service provider Volusion. Since September 7, hackers have activated online credit card skimmers on 3,126 online shops hosted by Volusion. That's according to Trend Micro security researchers' latest report.
What is CVE? Common Vulnerabilities and Exposures Explained
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed information security vulnerabilities and exposures. CVE was launched in 1999 by the MITRE corporation to identify and categorize vulnerabilities in software and firmware. CVE provides a free dictionary for organizations to improve their cyber security. MITRE is a nonprofit that operates federally funded research and development centers in the United States.
Teleport Overview Webinar
This is a recording of a webinar demo of Teleport by Gravitational, a privileged access management solution for securing on-premises and multi-cloud environments. In this presentation, we provided an overview of Teleport, walk through a live demonstration of popular features such as certificate authentication, SSO-integration for role-based access control (RBAC), session recording, and Kubernetes authentication and roles.
Love your enemies before you destroy them
The cutting edge of cybersecurity is moving away from a reactive defense. Instead of analysts waiting for a threat to happen, they are proactively searching out attackers in their environment. Attackers are dynamic. They are always changing and improving their capabilities, which means that defenders need to lean in and adapt even faster to keep up. Proactive defense is about predicting, understanding, and preventing as many moves as possible that an attacker could make against you.
Kubernetes DevSecOps with Sumo Logic
With Sumo Logic, we can put all of these pieces together to build end-to-end Observability in Kubernetes.
How to: On-premise Server Update
This video is about How to: On-premise Server Update
What is Email Spoofing?
Email spoofing is the creation of emails with a forged sender address. Because core email protocols lack authentication, phishing attacks and spam emails can spoof the email header to mislead the recipient about the sender of the email. The goal of email spoofing is to get recipients to open, respond and engage with the email message. Email spoofing can greatly increase the effectiveness of phishing and other email-based cyber attacks by tricking the recipient into trusting the email and its sender.
What's new in OTX
Alien Labs and the Open Threat Exchange (OTX) development team have been hard at work, continuing our development of the OTX platform. As some of you may have noticed, we’ve added some exciting new features and capabilities this last year to improve understanding within the OTX community of evolving and emerging threats.