%term

How to Automatically Suspend Inactive Accounts Using Torq

Jun 16, 2022 By Dan MacKenzie In Torq

Contractors, freelancers, and other temporary workers have become essential parts of the modern enterprise. For IT and security teams, these individuals present unique challenges compared to full-time workers—and potential risks. The ‘offboarding’ process for these contractors is often less formal than bringing them on. Meaning, many just stop using their entitlements and accounts without actually closing them. These dormant accounts can pose serious risks to the organization.

Read Post

Torq

Read more about How to Automatically Suspend Inactive Accounts Using Torq

API security: 12 essential best practices to keep your data & APIs safe

Jun 16, 2022 By Nahla Davies In AT&T Cybersecurity

If you don’t think API security is that important, think again. Last year, 91% of organizations had an API security incident. The proliferation of SOAP and REST APIs makes it easy for organizations to tailor their application ecosystems. But, APIs also hold the keys to all of a company’s data. And as data-centric projects become more in demand, it increases the likelihood of a target API attack campaign.

Read Post

AT&T Cybersecurity

Read more about API security: 12 essential best practices to keep your data & APIs safe

CVE-2022-30190 - Updated Guidance for MSDT Remote Code Execution Zero-Day Vulnerability in Windows

Jun 16, 2022 By Sule Tatar In Arctic Wolf

On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The actively exploited vulnerability exists when MSDT is called using the URL protocol from a calling application, such as Microsoft Word.

Read Post

Arctic Wolf

Read more about CVE-2022-30190 - Updated Guidance for MSDT Remote Code Execution Zero-Day Vulnerability in Windows

MDR for Vessels

Jun 16, 2022 By Obrela In Obrela

Obrela Security Industries’ MDR for Vessels is a specialised cybersecurity tool for the maritime sector built specifically for seafaring information technology (IT) and operational technology (OT). With a centralised and self-contained passive network monitoring solution based on a virtual appliance, supporting log collection from vessel infrastructure, MDR for Vessels builds on Obrela’s tried and tested Enterprise-class MDR solution with dedicated processes for maritime and shipping environments systems both on land and sea.

View Video

Obrela

Read more about MDR for Vessels

Interpol arrests thousands of scammers in operation "First Light 2022"

Jun 16, 2022 By Graham Cluley In Tripwire

Law enforcement agencies around the world appear to have scored a major victory in the fight against fraudsters, in an operation that seized tens of millions of dollars and seen more than 2000 people arrested. Operation “First Light 2022”, running for two months from March 8 2002 until May 8 2022, saw 76 countries clamp down on organised crime rings behind a variety of scams, seizing criminal assets, and providing new investigative leads around the world.

Read Post

Tripwire

Read more about Interpol arrests thousands of scammers in operation "First Light 2022"

Follina - CVE-2022-30190

Jun 16, 2022 By Threat Labs In Sumo Logic

Monday, May 30th, 2022, Microsoft issued CVE-2022-30190 for a Remote Code Execution vulnerability with the Microsoft Support Diagnostic Tool (MSDT) in Windows: “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.

Read Post

Sumo Logic

Read more about Follina - CVE-2022-30190

10 Ways to Reduce Your Organization's Network Security Risk

Jun 15, 2022 By Cybriant In Cybriant

No one can completely avoid risk when it comes to their network security, but there are steps that you can take to minimize your organization's vulnerability. In this blog post, we will discuss 10 ways to reduce your network security risk.

Read Post

Cybriant

Read more about 10 Ways to Reduce Your Organization's Network Security Risk

The Difference Between Cybersecurity and Ethical Hacking

Jun 15, 2022 By Edward Kost In UpGuard

Ethical hacking is a field within cybersecurity where security experts assume the role of an unauthorized user and attempt to gain access to a private network or computer. These exercises aim to help targets identify any security vulnerabilities that could be exploited in a real cyberattack. Cybersecurity professionals utilize non-invasive methods, such as risk assessments, audits, and security questionnaires, to discover security risks.

Read Post

UpGuard

Read more about The Difference Between Cybersecurity and Ethical Hacking

LimaCharlie: Security Infrastructure as a Service

Jun 15, 2022 By LimaCharlie In LimaCharlie

Full featured free tier of two agents. LimaCharlie provides cybersecurity tools and infrastructure on-demand in a way that scales. We call this approach Security Infrastructure as a Service. It is a DevOps or engineering-centric approach to cybersecurity. A way of getting things done that would feel familiar to anybody that has worked with Amazon Web Services or any other major cloud provider. There are no contracts and no minimums. Easily get what you want and only pay for what you use.

View Video

LimaCharlie

Read more about LimaCharlie: Security Infrastructure as a Service

Now is the time to Partner With Trustwave MDR

Jun 15, 2022 By Gary Abad In Trustwave

Trustwave Managed Detection and Response (MDR) is one of the most important cybersecurity offerings available in the market today, it’s also the reason why Trustwave is rolling out two new levels of service that will enable Trustwave and our business partners fortify the security posture of any business, regardless of size.

Read Post