%term

FBI Warns of Sextortion Scams that Yield a New Equally Scam-Like Service: Sextortion Assistance

Apr 21, 2023 By Stu Sjouwerman In KnowBe4

A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into paying huge fees.

Read Post

KnowBe4

Read more about FBI Warns of Sextortion Scams that Yield a New Equally Scam-Like Service: Sextortion Assistance

Enhance SOC workflows with Elastic Security and Recorded Future threat intelligence

Apr 21, 2023 By Marvin Ngoma In Elastic

Security teams today need to analyze vast amounts of data from various sources, including endpoints, cloud, applications, and user activity, just to mention a few. At the same time, adversary activity is also on the rise and the threat landscape is becoming more and more complex every day. Further exacerbating the situation, security teams are strapped for resources and unable to analyze the enormous amounts of data and security alerts they receive in real time.

Read Post

Elastic

Read more about Enhance SOC workflows with Elastic Security and Recorded Future threat intelligence

A Comprehensive Guide for the SOC-2 Audit Checklist

Apr 21, 2023 By Satya Moutairou In TrustCloud

The SOC 2 framework helps you identify potential risks to your business and mitigate them with approved controls. To pass a SOC 2 audit, you must first define your audit objectives, determine your audit scope, and undergo a number of preparation steps and assessments. While these steps can be time-consuming, expensive, and arduous, achieving SOC 2 compliance can have huge business benefits for organizations, from improved compliance risk management to more sales opportunities.

Read Post

TrustCloud

Read more about A Comprehensive Guide for the SOC-2 Audit Checklist

How to Handle Secrets in Kubernetes

Apr 21, 2023 By Guest Expert In GitGuardian

This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!

Read Post

GitGuardian

Read more about How to Handle Secrets in Kubernetes

Why Pixels/Trackers are Common and Abundant

Apr 21, 2023 By Ivan Tsarynny In Feroot

As part of a detailed study of pixels/trackers, an analysis of over 3,000 websites and over 100,000 associated webpages (using the client-side security scanning feature of Feroot Inspector) found pixels/trackers on 95% of their websites. Each website in the study corresponds to an unique organization (company, non-profit, or government agency). The high 95% reflects the extent of data harvesting that is done by marketing, advertising, and performance platforms today.

Read Post

Feroot

Read more about Why Pixels/Trackers are Common and Abundant

Why Shutting Off SMS 2FA Makes Sense

Apr 21, 2023 By David Puner In CyberArk

Twitter’s recent decision to turn off SMS two-factor authentication (2FA) for non-Twitter Blue users created a stir. While media and tech pundits questioned the company’s motives, many users complained of losing a universal security measure behind a paywall.

Read Post

CyberArk

Read more about Why Shutting Off SMS 2FA Makes Sense

Fraudulent Tax Filings Go Out For Harding, Shymanski, and Company Customers

Apr 21, 2023 By Steven In IDStrong

Harding, Shymanski, and Company is a major accounting firm that works with customers providing them with tax help and other financial services. The company recently suffered from a data breach that exposed many of its clients and led to fraudulent tax filings for the 2022 tax year. The company employs more than 142 people and has an approximate annual revenue of $28 million. A large number of individuals were impacted by this very serious data breach.

Read Post

IDStrong

Read more about Fraudulent Tax Filings Go Out For Harding, Shymanski, and Company Customers

HTML Smuggling - An Old Technique with New Tricks

Apr 21, 2023 By Foresiet In Foresiet

Since the inception of the internet and the World Wide Web (WWW), HTML has been a fundamental part of digital communication, enabling document exchange services between various devices on the network. Developed by Tim Berners-Lee, the father of the WWW, in 1993, the markup language is still used to display documents on web browsers today.

Read Post

Foresiet

Read more about HTML Smuggling - An Old Technique with New Tricks

The 443 Podcast, Ep. 238 - Zero Trust Maturity Model 2.0

Apr 21, 2023 By WatchGuard In WatchGuard

This week on #the443podcast, Corey Nachreiner and Marc Laliberte cover two new publications out of CISA. First, we dive into CISA’s guidance to manufacturers and customers on secure-by-design and secure-by-default products. Next, they discuss CISA’s latest Zero Trust Maturity Model, which any organization can use to gauge how far along they are on the ZTA path and where they should focus their efforts next. Finally, we end with some research from Blaze Information Security on a series of vulnerabilities in a play-to-earn blockchain game.

View Video

WatchGuard

Read more about The 443 Podcast, Ep. 238 - Zero Trust Maturity Model 2.0

Webinar: Top Security Threats Worldwide: Q4 2022 - 20 April 2023

Apr 21, 2023 By WatchGuard In WatchGuard

Join WatchGuard CSO Corey Nachreiner and Sr. Security Analyst Trevor Collins as they discuss key findings from the WatchGuard Threat Lab’s 2022 Q4 Internet Security Report. They’ll cover the latest malware and network attack trends targeting small and midsized enterprises and defensive tips you can take back to your organization to stay ahead of modern threat actor tactics.

View Video