%term

Detecting Lateral Movement Using Splunk User Behavior Analytics

Aug 21, 2023 By Cui Lin In Splunk

One of the most challenging aspects of running an effective Security Operations Center is how to account for the high volume of notable events that ultimately do not present a risk to the business. Some examples of non-risky notable events include a user forgetting their password and submitting it erroneously multiple times in a row, or a user accessing a system (for a completely valid reason) at an odd hour outside of their normal behavior.

Read Post

Splunk

Read more about Detecting Lateral Movement Using Splunk User Behavior Analytics

[Eye-Opening] Increase of Phishing Attacks in Australia Should Alarm Organizations

Aug 21, 2023 By Stu Sjouwerman In KnowBe4

Phishing attacks are on the rise in Australia, the Australian Broadcasting Corporation (ABC) reports. “The latest figures reveal phishing is a practice that is only becoming more and more widespread,” the ABC says.“Phishing was the most reported scam to Scamwatch in 2022, with the government website recording 74,573 complaints — a 4.6 per cent increase on the previous year.

Read Post

KnowBe4

Read more about [Eye-Opening] Increase of Phishing Attacks in Australia Should Alarm Organizations

Does GitOps enhance application security?

Aug 21, 2023 By Vandana Verma Sehgal In Snyk

GitOps was pioneered by Weeveworks in 2017. It uses familiar tools to implement continuous deployment for cloud-native applications, improving the developer experience of Kubernetes cluster management and application delivery.

Read Post

Snyk

Read more about Does GitOps enhance application security?

Becoming FedRAMP and StateRAMP Authorized Part 1

Aug 21, 2023 By CISO Global In CISO Global

Is FedRAMP part of your company's roadmap? CISO Global's Managing Director Baan Alsinawi details what becoming FedRAMP authorized can do to boost your business.

View Video

CISO Global

Security

Read more about Becoming FedRAMP and StateRAMP Authorized Part 1

Security Researchers Share Insights on Black Hat 2023 Topics and Trends

Aug 21, 2023 By Natalie Tischler In Veracode

Shocking to no one: Artificial Intelligence (AI) was a huge topic at Black Hat USA 2023, but what did we learn about it? With no shortage of talks on it, there are many insights to take into account. We asked highly skilled Software Security Researchers who attended both Black Hat and DEFCON to weigh-in on the most insightful moments, particularly related to AI. Here’s what we found.

Read Post

Veracode

Read more about Security Researchers Share Insights on Black Hat 2023 Topics and Trends

CVE-2023-32560: Critical Remote Code Execution Vulnerabilities in Ivanti Avalanche

Aug 21, 2023 By James Liolios In Arctic Wolf

On August 14th, 2023, cybersecurity company Tenable released a research advisory detailing two stack-based buffer overflow vulnerabilities, collectively tracked as CVE-2023-32560, impacting Ivanti Avalanche products version 6.4.0 and older. A threat actor could remotely exploit the vulnerabilities without user authentication by specifying long data type items to overflow the buffer.

Read Post

Arctic Wolf

Read more about CVE-2023-32560: Critical Remote Code Execution Vulnerabilities in Ivanti Avalanche

The 443 Podcast - Episode 256 - U.S. Cyber Trust Mark

Aug 21, 2023 By WatchGuard In WatchGuard

This week on the podcast we cover the FCC's proposal for a security assurance labeling program for IoT devices. Before that, we discuss the latest AI research challenge hosted by DARPA as well as some research into a novel attack against the AI/ML supply chain. You can view more information on the CISA guidance as well as Blaze Lab's full blog post at the links below: The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 443 Podcast - Episode 256 - U.S. Cyber Trust Mark

DEF CON 31: A hot time in the Las Vegas heat and some cool days in AppSec Village

Aug 21, 2023 By Dwayne McDaniel In GitGuardian

DEF CON 31 was a unique experience. Read highlights from GitGuardian's time in Las Vegas, AppSec Village, the Hunt the Hacker CTF, insightful talks, and hacker fun.

Read Post

GitGuardian

Read more about DEF CON 31: A hot time in the Las Vegas heat and some cool days in AppSec Village

An identity security equation #shorts #identitysecurity

Aug 21, 2023 By CyberArk In CyberArk

Listen to the entire episode: https://www.cyberark.com/podcasts/ep-32-building-trust-and-collaboration-in-identity-security-w-cyberark-ceo-matt-cohen/

View Video

CyberArk

Read more about An identity security equation #shorts #identitysecurity

The Convergence of IGA and PAM

Aug 21, 2023 By Dean Pe'er In Entitle

As organizations navigate the ever-evolving landscape of cloud computing and digital transformation, security remains a top priority. With the exponential growth of users, devices, and data in cloud environments, effective identity and access management is crucial to maintaining a strong security posture.

Read Post