The Sarbanes-Oxley Act of 2002 (SOX) was passed by the United States Congress to protect the public from fraudulent or erroneous practices by corporations or other business entities. The legislation set new and expanded requirements for all U.S. public company boards, management, and public accounting firms with the goal to increase transparency in financial reporting and to require formalized systems for internal controls. In addition, penalties for fraudulent activity are much more severe.

Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals. According to the Data Breach Investigations Report by Verizon, the primary motivation for cyber attackers is financial. Whether you run an eCommerce project or a simple small business website, the risk of a potential attack is there.

Security groups either make or break your IT security. Group memberships are responsible for administrative access in your your network and define access to other privileged resources and data on your domain. Ever wondered how a simple misconfiguration of a group membership could lead to a security incident? This blog elaborates the most common misconfiguration or security loopholes that can cause damage to the sensitive data in your network.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24 What an interesting week. I’m going to skip the issues over SolarWind breach and go for the usual non-sensationalist articles. The first, and one I so welcome along with many out there I’m sure is the final, and I mean final end of Flash. Yay.

If you joined us for Netskope’s SASE Week, you’ll know that we covered quite a bit of ground with our talks and programming. For a relatively new concept, there’s still so much potential to explore and discuss that we could probably talk about it for much longer than just a week. Netskope customers, large and small, are seeing the cost and business benefits of moving to a cloud-native control point, with the security posture and risk management tools they need.

An unprecedented number of employees in the United States are currently working remotely for at least part of their workweek. This is partially due to the global pandemic, but the truth is that many employees were shifting to remote work even before the coronavirus crisis. Studies have shown that both employers and employees can benefit from remote work.

Over the past decade, technology enthusiasts have dreamed about smartphones and tablets taking over various aspects of our lives. They have in many ways, but the shift has always been gradual. This all changed in 2020 when most of us were forced to stay home. From the way we work, go to school, interact with our healthcare providers, manage our finances, shop, and connect with friends and families – mobile is now at the center of our lives.

In contrast to legacy antivirus technology, next generation antivirus (NGAV) advances threat detection on the endpoint by finding all symptoms of malicious behavior across an endpoint system rather than fixating on looking for known malware file attributes.

This blog is part two of Splunk's Sunburst Backdoor response aimed at providing additional guidance to our customers (you can read part one, "Using Splunk to Detect Sunburst Backdoor," by Ryan Kovar). In this blog, we’ll cover how to ingest threat indicators to combat Sunburst Backdoor in Splunk Enterprise Security (ES).