Hidden Data Exfiltration Using Time, Literally

I was looking at my watch last week and my attention was moved towards the seconds over at the right of the watch face, incrementing nicely along as you’d expect. Now, I don’t know if I’d just spent too long staring at a debugger screen or if it was something in the air, but an idea dawned on me, related to all things command and control, data exfiltration, etc.

Get your head in the clouds

Today’s forecast is cloudy, with a chance of headaches, heartburn, and a hell of a lot of unforeseen security challenges. Digital transformation may not be a new term, but it is, nonetheless, still very much a part of the roadmap for many companies. No matter if a company is cloud-native or newly embracing the cloud, the issues of securing your cloud infrastructure can be daunting, from managing misconfigurations to monitoring hundreds of microservices. Managing your cloud attack surface can leave you feeling like Sisyphus. But if you’re feeling a little bolder (see what we did there?), you can take a deeper dive into how you can get your head in the cloud and in the cloud cybersecurity game.

Passkey vs Password: What's the Difference?

There are several ways in which passkeys are different from passwords in terms of how they are created, how they are filled into websites and how they are secured. Passwords are user-generated whereas passkeys are automatically generated using public key cryptography. Unlike passwords, passkeys are a new type of digital credential that is phishing-resistant and can’t be easily compromised. However, only a few websites currently support passkeys.

CISA KEV Ransomware Interactive Visualization

When we first built the CISA KEV enrichment dashboard at Nucleus, our goal was to gain new insights into the vulnerabilities that had been confirmed by CISA as being exploited. Recently, CISA expanded the Known Exploited Vulnerabilities Catalog with vulnerabilities “known to be used in ransomware campaigns”. We find this data valuable in helping organizations identify which vulnerabilities on the KEV pose greater risk.

Secure Password and File Sharing for Federal and State Courts

U.S. court employees need to access dozens of systems and applications in order to complete their duties. These employees may also have access to Personally Identifiable Information (PII), which must be securely stored and managed with strict access controls. Court systems need a way for employees to easily and securely access systems, and share passwords and files among teams.

Networking and Security Teams Are Converging, Says SASE Adoption Survey

Converging networking with security is fundamental to creating a robust and resilient IT infrastructure that can withstand the evolving cyber threat landscape. It not only protects sensitive data and resources but also contributes to the overall success and trustworthiness of an organization. And just as technologies are converging, networking and security teams are increasingly working together.

Achieve Complete Hybrid Cloud Cyber Resilience with Rubrik Cloud Vault

Rubrik and Microsoft have joined forces to help you build a cyber-resilient business. Reduce the risk of a backup data breach, loss, or theft by storing immutable copies of your data in a Rubrik-hosted cloud environment, isolated from your core workloads. Keywords: cybersecurity, data security, ransomware, malware, cyber resilience, zero trust, azure, Microsoft, Rubrik, disaster recovery, data protection, hybrid cloud.

£20 Million Cyber Insurance or £5 Million Cybersecurity?

We delve into the complex world of cyber insurance and the staggering premiums associated with securing a £20 million policy for just one year. Join us as we discuss the astronomical costs and the limitations of cyber insurance in the face of growing cyber threats. Is it more practical to invest in comprehensive cybersecurity measures?