Security

Stories from the SOC: Fortinet authentication bypass observed in the wild

Nov 14, 2022 By Amer Amer In AT&T Cybersecurity

Fortinet’s newest vulnerability, CVE-2022-40684, allowing for authentication bypass to manipulate admin SSH keys, unauthorized downloading of configuration files, and creating of super admin accounts, has put a big target on the backs of unpatched and exposed Fortinet devices.

Read Post

AT&T Cybersecurity

Read more about Stories from the SOC: Fortinet authentication bypass observed in the wild

What's the Difference Between Red Teaming and Penetration Testing?

Nov 14, 2022 By SecurityScorecard In SecurityScorecard

When discussing cybersecurity, “penetration testing” and “red teaming” are two terms that are often used interchangeably but are two entirely separate concepts. If you are considering implementing additional cybersecurity protocols within your organization, it’s essential to understand the unique role and function of each of these processes and how they can benefit your organization.

Read Post

SecurityScorecard

Read more about What's the Difference Between Red Teaming and Penetration Testing?

Top Trends in Security Vendor Consolidation

Nov 14, 2022 By Arctic Wolf In Arctic Wolf

Consolidation is not a new word when it comes to security vendors. As companies grow, needs change, and new technologies develop, different vendors merging has become a common sight. Gartner has been tracking these consolidation trends, and what those trends highlight is two things.

Read Post

Arctic Wolf

Read more about Top Trends in Security Vendor Consolidation

K-12 schools are struggling with cybersecurity - Here's how a SIEM can help

Nov 14, 2022 By Bobby Suber In Elastic

K-12 school districts in the U.S. are struggling with cybersecurity. According to an October 2022 GAO report, ransomware attacks have cost schools up to three weeks of missed learning. The GAO also noted that recovery can take as long as nine months. In January 2021, 3,000 K-12 public schools in the U.S. were victim to a large-scale worldwide cyberattack.

Read Post

Elastic

Read more about K-12 schools are struggling with cybersecurity - Here's how a SIEM can help

How To Hide API Keys, Credentials and Authentication Tokens on Github

Nov 14, 2022 By Joe Dibley In Netwrix

Back in 2018, GitHub celebrated 100 million open source repositories, and it has only been growing since then. How can you make sure your sensitive credentials and authentication tokens aren’t exposed to access by the public? Read this blogpost to learn how to save your API keys and other important data from being disclosed.

Read Post

Netwrix

Read more about How To Hide API Keys, Credentials and Authentication Tokens on Github

SREs bring O.R.D.E.R(R) to C.H.A.O.S - Snyk Ambassadors Show

Nov 14, 2022 By Snyk In Snyk

Join Snyk ambassador Keith McDuffee as he discusses with Brian Clark the role of SREs, their responsibilities and the challenges they face and what are the things keeping SREs on their toes and restless at night?

View Video

Snyk

Read more about SREs bring O.R.D.E.R(R) to C.H.A.O.S - Snyk Ambassadors Show

How To Explain Cyber Security To Management

Nov 14, 2022 By Razorthorn In Razorthorn

James Rees talks about the difficulty of explaining why you need cybersecurity in terms of ROI or Return On Investment to management. Connect with James Rees Hello, I am James Rees, the host of the Razorwire Podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

View Video

Razorthorn

Security

Read more about How To Explain Cyber Security To Management

Active Directory Delegation Overview

Nov 14, 2022 By Kevin Joyce In Netwrix

Understanding Active Directory (AD) permissions is vital for cybersecurity, compliance and business continuity. In this blog, we’ll be going over, at a high level, how Active Directory permission are applied in a domain and how to view them natively. The most common way to apply Active Directory permissions is through the tool Active Directory Users and Computers (ADUC). There are two ways in ADUC to apply permissions: This blog post will cover both of these options.

Read Post

Netwrix

Read more about Active Directory Delegation Overview

Q3 2022 Cyber Threat Landscape Report: Insider Threat Peaks to Its Highest Level Yet

Nov 14, 2022 By Kroll In Kroll

Watch the Q3 2022 Threat Landscape Virtual Briefing to hear from Kroll’s cyber threat intelligence leaders as they explore key insights gained through cyber incidents handled worldwide in the third quarter of 2022.

View Video

Kroll

Security

Read more about Q3 2022 Cyber Threat Landscape Report: Insider Threat Peaks to Its Highest Level Yet

NIST Password Guidelines

Nov 14, 2022 By Joe Dibley In Netwrix

Since 2014, the National Institute of Standards and Technology (NIST), a U.S. federal agency, has issued guidelines for managing digital identities via Special Publication 800-63B. The latest revision (rev. 3) was released in 2017, and has been updated as recently as 2019. Revision 4 was made available for comment and review; however, revision 3 is still the standard as of the time of this blog post.

Read Post

Netwrix

Read more about NIST Password Guidelines

Subscribe to Security

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Stories from the SOC: Fortinet authentication bypass observed in the wild

What's the Difference Between Red Teaming and Penetration Testing?

Top Trends in Security Vendor Consolidation

K-12 schools are struggling with cybersecurity - Here's how a SIEM can help

How To Hide API Keys, Credentials and Authentication Tokens on Github

SREs bring O.R.D.E.R(R) to C.H.A.O.S - Snyk Ambassadors Show

How To Explain Cyber Security To Management

Active Directory Delegation Overview

Q3 2022 Cyber Threat Landscape Report: Insider Threat Peaks to Its Highest Level Yet

NIST Password Guidelines

Monthly Archive

Follow Us