%term

Threat Actor Deploys Malicious Packages Using Hex Encoding and Delayed Execution

Apr 13, 2022 By Daniel Elkabes In Mend

Over the past week, the WhiteSource security team has found several instances of packages that use unusual techniques to disguise malicious intent. These techniques differ from what we have usually seen in the past, such as base64 and JS obfuscation. This time, we are seeing a malicious actor use hex encoding to hide the malicious behavior of the package.

Read Post

Mend

Read more about Threat Actor Deploys Malicious Packages Using Hex Encoding and Delayed Execution

Bridging Network Security Gaps with Better Network Object Management

Apr 13, 2022 By Prof. Avishai Wool In AlgoSec

Prof. Avishai Wool, AlgoSec co-founder and CTO, stresses the importance of getting the often-overlooked function of managing network objects right, particularly in hybrid or multi-vendor environments.

Read Post

AlgoSec

Read more about Bridging Network Security Gaps with Better Network Object Management

Use Service Design in Operations Management to Enhance Security

Apr 13, 2022 By Jeff Darrington In Graylog

As an IT operations manager, you spend a lot of your time mitigating service outages and service level risks. You worked diligently to get the right people, products, processes, and partners in place to meet your goals. You managed to ensure continued uptime. You’ve reduced the number of tickets and the cost per ticket. And for your efforts, you’re rewarded with managing your company’s cybersecurity program. The problem? You’re not a security specialist.

Read Post

Graylog

Read more about Use Service Design in Operations Management to Enhance Security

The KapeTriage MindMap: supporting more efficient IR investigations

Apr 13, 2022 By The Redscan Team In Redscan

KAPE uses targets and modules to collect and parse digital evidence. These include the KapeTriage Compound Target, through which examiners can gather important information pertaining to an investigation within seconds. In this blog, we outline the KapeTriage MindMap, which provides a hierarchical outline of the KapeTriage Compound Target and shows how various segments collectively deliver the most relevant results.

Read Post

Redscan

Read more about The KapeTriage MindMap: supporting more efficient IR investigations

XDR: A New Vision for InfoSec's Ongoing Problems

Apr 13, 2022 By Dan Brown In CrowdStrike

Let’s face it. The information security industry loves a new acronym. For industry long-timers, a new acronym might be just the latest reason for an eye roll. For folks new to the field, it can be very confusing. A constructive way to look at XDR — extended detection and response — is as an opportunity to take a fresh look at some old problems and gain clarity.

Read Post

CrowdStrike

Read more about XDR: A New Vision for InfoSec's Ongoing Problems

Corporate structure and roles in InfoSec

Apr 13, 2022 By Alex Vakulov In AT&T Cybersecurity

When assessing the corporate governance of modern companies, one cannot help but note the obvious problems with information security. To solve these problems, it is crucial to carry out initiatives that, on the one hand, are complex, multifaceted, and nonobvious, and on the other, assume the involvement of all employees of the company, including the heads of key departments.

Read Post

AT&T Cybersecurity

Read more about Corporate structure and roles in InfoSec

Amazon EC2 Just-in-time Access With Teleport and Slack

Apr 13, 2022 By Janakiram MSV In Teleport

This blog is part three in a series about identity-based access and management of AWS resources. In Part I, we covered how to use OSS Teleport to access Amazon EC2 instances running in private subnets. Part II explained implementing identity-based access via SSO integration with Okta. In Part III, we will guide you through the steps to configure privilege escalation for just-in-time access requests.

Read Post

Teleport

Read more about Amazon EC2 Just-in-time Access With Teleport and Slack

Tripwire & FoxGuard: Patching for compliance and security

Apr 13, 2022 By David Bruce In Tripwire

There’s a saying in the cybersecurity community which states that just because you are compliant doesn’t mean that you are secure. Over the years, many images have been used to illustrate the point. One memorable image is that of a nude bicyclist wearing a helmet. By all standards, that is the epitome of “compliant, but not secure”. Many organizations have shifted the focus away from merely achieving compliance, to being both compliant and secure.

Read Post

Tripwire

Read more about Tripwire & FoxGuard: Patching for compliance and security

How to Foster a Productive SOC Culture

Apr 13, 2022 By Devo In Devo

According to the 2021 Devo SOC Performance ReportTM — which is based on the results of a survey of more than 1,000 security practitioners — having an understaffed SOC or constant turnover of security talent can cripple an organization’s security posture. Let’s look at some of the root causes that can lead to these two interconnected problems.

Read Post

Devo

Read more about How to Foster a Productive SOC Culture

#BigPictureCyber Town Hall With MJ Thomas, Head of Cybersecurity, GD Bath Iron Works | 4/13/22

Apr 13, 2022 By NeoSystems In NeoSystems

NeoSystems #BigPictureCyber Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly #BigPictureCyber Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, cybersecurity news, how to prepare for CMMC certification, and the latest updates from the CMMC AB.

View Video