“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu. The above quote by Sun Tzu summarizes cyber threat intelligence (CTI) perfectly.
Trustwave, a leading provider of Managed Security Services, has been named a Representative Vendor in the Gartner® 2022 Market Guide for Managed SIEM Services. In the report, Gartner analysts Al Price, John Collins, Andrew Davies, Mitchell Schneider, and Angel Berrios provide an updated definition of Managed SIEM Services along with how Managed SIEM, which is also known as a managed SoC or SoC as a service.
People have become the primary attack vector for cyber attackers around the world. As the Verizon Data Breach Investigations Report 2022 indicates, it is humans rather than technology that now represent the greatest risk to organizations. According to the SANS 2022 Security Awareness Report, the top three security risks that security professionals are concerned about are phishing, business email compromise (BEC) and ransomware, all closely related to human behavior.
While modern businesses depend on data to stay ahead of the competition, data alone isn’t enough. They also need efficient search engines to quickly index and search through millions of records to make sense of the data. Today we’re looking into SOLR and Elasticsearch, the two heavyweights in this domain, to compare their performance differences and use cases.
Newer OpenSSL vulnerabilities are identified regularly by genuine security researchers or come to light as zero-day vulnerabilities when exploited by threat actors. While patching the bugs and OpenSSL vulnerabilities are important, organizations cannot wait for and rely just on patches to protect their websites. They need to be proactive in identifying and securing these vulnerabilities before attackers can find and exploit them.
Illustration by jcomp On Sept. 15, Uber Technologies Inc. was breached by an 18-year-old. The hacker purchased an employee’s stolen credentials from the dark web and pushed a flood of multi-factor authentication (MFA) requests and fake IT messages to them in hopes of getting into their account. Irritated by the non-stop pop-ups, the employee caved in and approved the request, unwittingly setting off a cyberattack.
With nearly every organization going through rapid digital transformations, it has become critical that security teams are equipped to provide seamless access for their remote users while keeping sensitive data secure. This is why I’m thrilled that Verizon has launched the Lookout suite of cloud security solutions to deliver security service edge (SSE) and ensure that customers can seamlessly secure their data and apps in the cloud, on premises and on the internet.
Digitalization is not a new term anymore, and it’s surely never going to fade away as it has etched its space in every sector. The optimistic business transformation it brought compelled almost everyone to incorporate digitalization processes into their business operation. Every industry realized that to proceed with the ongoing business profit and to compete in the market, they must adapt to the latest digital technology.
On September 11th, 2022, Snyk published a vulnerability report for the popular CSRF token management csurf npm package. The vulnerability impacts all known versions, which are currently yielding more than 400,000 downloads per week. The vulnerability report is based on the public disclosure by security consultant Adrian Tiron and their write-up on the Fortbridge blog.
