%term

10 Things cybercriminals love about you

Mar 23, 2022 By Mike Klepper In AT&T Cybersecurity

What do cybercriminals love? (Mostly themselves, but that is beside the point.) They love organizations that have unmitigated risks in their web applications and application program interfaces (APIs). With the entire world connected via the internet, the easiest and quickest way for threat actors to infiltrate your systems or steal customer data is through web applications.

Read Post

AT&T Cybersecurity

Read more about 10 Things cybercriminals love about you

Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack

Mar 23, 2022 By Falcon OverWatch Team In CrowdStrike

In an effort to stay ahead of improvements in automated detections and preventions, adversary groups continually look to new tactics, techniques and procedures (TTPs), and new tooling to progress their mission objectives. One group — known as BlackCat/ALPHV — has taken the sophisticated approach of developing their tooling from the ground up, using newer, more secure languages like Rust and highly customized configuration options per victim.

Read Post

CrowdStrike

Read more about Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack

Securing the Future of Data - A New Way to Think About Control

Mar 23, 2022 By Lookout In Lookout

Control For decades it's been the mandate for enterprise security teams. Keep data secure. Lock it down. Restrict access. Put it behind firewalls. Don’t let it slip on to personal devices. But everything has changed. The cloud, SAAS, mobile workforces, an unstoppable wave of BYOD. Today, users and the applications they depend on are more widely distributed than ever. Networks are increasingly exposed. Cyber threats grow sophisticated by the minute.

View Video

Lookout

Read more about Securing the Future of Data - A New Way to Think About Control

Speedcast Adds Software Path Certification from AWS to Its Cloud Qualifications, Bringing New Value to Customer Solutions

Mar 22, 2022 By Speedcast

Technical validation of Speedcast SIGMA adds to the company's credentials within the APN, including Advanced Tier Services and AWS Public Sector Program. Speedcast's SIGMA platform runs on AWS to provide customers with simplified network management and quick adaptation for changing operational needs. Speedcast subject matter experts collectively hold more than 32 AWS certifications and 84 AWS accreditations to help customers navigate a secure and flexible path to cloud and application modernization.

Read Post

Read more about Speedcast Adds Software Path Certification from AWS to Its Cloud Qualifications, Bringing New Value to Customer Solutions

Authorization Best Practices

Mar 22, 2022 By Sakshyam Shah In Teleport

Our previous blog post on authorization security covered the seven most common authorization vulnerabilities. This post will discuss 11 authorization best practices that help avoid vulnerabilities and defeat specific attack vectors.

Read Post

Teleport

Read more about Authorization Best Practices

Lapsus$ Claims Access to Okta Systems; Okta Confirms Security Incident

Mar 22, 2022 By Sule Tatar In Arctic Wolf

On Monday, March 21, 2022, Okta, an enterprise identity and access management firm, launched an inquiry after the Lapsus$ hacking group posted screenshots on their Telegram channel that the hackers claimed were taken after obtaining access to "Okta.com Superuser/Admin and various other systems." The screenshots that Lapsus$ provided included time stamps consistent with the January 16-21 timeframe provided by Okta.

Read Post

Arctic Wolf

Read more about Lapsus$ Claims Access to Okta Systems; Okta Confirms Security Incident

Centralized Log Management and NIST Cybersecurity Framework

Mar 22, 2022 By Graylog Security Team In Graylog

It was just another day in paradise. Well, it was as close to paradise as working in IT can be. Then, your boss read about another data breach and started asking questions about how well you’re managing security. Unfortunately, while you know you’re doing the day-to-day work, your documentation has fallen by the wayside. As much as people are loathed to admit it, this is where compliance can help.

Read Post

Graylog

Read more about Centralized Log Management and NIST Cybersecurity Framework

Frequently Asked Questions about Rubrik Cloud Vault

Mar 22, 2022 By Kristina Avrionova In Rubrik

At the Rubrik Data Security Spotlight, we introduced Rubrik Cloud Vault, our fully managed, secure, and isolated cloud vault service built on Microsoft Azure. Rubrik Cloud Vault enables customers to build a comprehensive and multi-layered data protection strategy to be cyber resilient.

Read Post

Rubrik

Read more about Frequently Asked Questions about Rubrik Cloud Vault

Best Dark Web Monitoring Tools

Mar 22, 2022 By giusel In UTMStack

The dark web is a part of the internet that is not indexed by search engines and is only accessible through specific browsers. It has become a haven for all sorts of illegal activities and people who want to remain anonymous, including hackers. Often, the hackers use the dark web to sell steal passwords, compromising the security of employees and companies.

Read Post

UTMStack

Read more about Best Dark Web Monitoring Tools

Random but Memorable - Episode 9.1: Nightmare Villain Bug Bounty

Mar 22, 2022 By 1Password In 1Password

On today's episode we're unveiling 1Password's exciting new developer tools with our VP of Product Management, Tony Myers. Settle in for This Week at 1Password to learn more about the new SSH capability, CLI 2.0, our developer docs portal, and the frictionless workflow developers can expect. We also grimace our way through the security news in Watchtower Weekly (much like our reaction to rising gas prices) – you might want to think twice about checking prices using privacy-guzzling GasBuddy. ⛽️

View Video