Editor’s note: This is Part 3 of a five-part cloud security series that covers protecting an organization’s network perimeter, endpoints, application code, sensitive data, and service and user accounts from threats. In Parts 1 and 2 of this series, we discussed the importance of protecting the boundaries of networks in cloud environments and best practices for applying efficient security controls to endpoints.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24.
When strengthening software security, Code Signing and SSL certificate always come at the top list. Both aid the software providers in ensuring a secure and seamless environment for their end users. Code Signing Certificate is particularly for source code protection, and an SSL Certificate is for website data security. However, numerous people still get confused between them and select the wrong solution. But it wouldn’t happen with you.
When it comes to cyber security, there are a few benefits of doing regular cyber risk assessments. Read on for more information.
Trustwave SpiderLabs is among the most well-respected teams in the cybersecurity industry, having gained a reputation for conducting cutting-edge research, plying the foggy corners of the darkweb for information, and detecting and hunting down threats. What is less well known is how Trustwave's SpiderLabs' various teams' function and then pull together to create the formidable force that is the backbone of all Trustwave's offerings.
If you want to keep your business network online, investing in 24/7 security monitoring is a great option. Here's what you need to know.
A classic cybersecurity storyline: there is executive tension over cybersecurity spending, the company gets breached, and a blame game between the CISO and their peers ensues, resulting in the termination of the CISO as a form of remediation. Reports indicate that only 27% of CISOs stay in their role at a company for three to five years.
The National Cyber Security Centre (NCSC) recently published important cybersecurity guidance to help protect retailers, which comes right as the holiday shopping season is in full swing. Retail organizations are no strangers to cyber attacks. In fact, some recent large-scale retail industry cyber attacks have included popular brands such as Guess, Under Armour, CVS Health, Home Depot, and Target.
CrackMapExec is an open-source tool that leverages Mimikatz to enable adversaries to harvest credentials and move laterally through an Active Directory environment. This blog post details how this tool works and offers a solution for defending against it.
