CRLF Injection - Veracode AppSec Tutorial
Watch this tutorial to learn about CRLF Injection and better understand the risk it brings to the security of your applications.
Directory Traversal - Veracode AppSec Tutorials
Watch this tutorial to learn about Directory Traversal and better understand the risk it brings to the security of your applications.
I can use VS Code to hack into your development environment
We have been witnessing an ever-growing amount of supply chain security incidents in the wild. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE. Recently, Snyk has discovered and disclosed vulnerabilities that pose a real and imminent threat to developers who use these extensions. The potential compromise is so significantly severe that a remote code execution on a developer’s machine is possible by simply tricking the developer to click a link.
EO, EO, It's Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)
On June 2nd, 2021, the White House released a memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology. The subject? “What We Urge You To Do To Protect Against The Threat of Ransomware.” It outlines several recommendations on how to protect your organization from ransomware. The memo was a follow-up to President Biden’s May 12th Executive Order on Improving the Nation’s Cybersecurity Order (EO14028).
The Principle of 'Least Privilege' in the World of Cybersecurity
The principle of least privilege in cybersecurity prescribes that no user should have access to system resources beyond what’s necessary for fulfilling a specific task. Adhering to this principle has become essential, as one of the primary ways malicious actors breach a system is by compromising (legitimate) user access.
Basics and how to create security groups in Active Directory.
An Active Directory is a database that holds information about the security of an organization. It stores user accounts, and security settings to help organise all the information. Active Directory also stores a list of security groups that are created by the organisation to hold different levels or types of access permissions. Active Directory is a way that you can show people your home. If you are not careful and give too much permission to people, then it can be easy for others to do bad things.
The Many Challenges of a CISO - The ClubCISO 2021 Information Security Maturity Report
We all have heard and read how the pandemic has disrupted our lives, how it has accelerated digital transformation to an unprecedented extent and how it challenged the existing security policies and practices. The question is how the people responsible for fortifying their organizations experienced the whole situation.
7 Challenges in modern Cybersecurity and how to fix them
Cybersecurity is a leading concern for any business today. While this trend has made IT security a secure and potentially lucrative field, modern cybersecurity professionals also face growing challenges. If you hope to keep your business safe amid rising threats, you’ll have to overcome these obstacles. In that spirit, here are seven of the top challenges in modern cybersecurity and how you can solve them.
Why Digital Risk Protection on Social Media is a Must For Online Retailers
Updated as of June 7th 2021 It's an excellent time to be an online retailer. In 2021, over 230 million Americans will be shopping digitally, positioning the United States as one of the leading e-commerce markets. Social platforms are highly influential with millennials, teens, and Gen Z consumers; 50 percent of college students have purchased on Instagram, and 48% of U.S. internet users aged 18 to 34 years have purchased through social media this year.
Web Application Security 2021: Beginners Checklist to Get Started
Who can deny the importance of security for their website or online store? You may have already implemented some security measures, and you can feel quite complacent about it, but they are far from enough when we consider the security challenges. In recent years, even many leading websites and web apps faced a huge surge of security attacks on their websites.