Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Is My Phone Hacked? Here's How You Can Tell and What to Do

In today’s digital world, we rely on our mobile devices to navigate much of our daily lives. Beyond making calls and sending text messages, we use our phones for online shopping, banking, work, personal reminders, photos, videos, and so much more. While this technology offers great possibilities and convenience, it also can put your personal data at risk.

Stories from the SOC: Fortinet authentication bypass observed in the wild

Fortinet’s newest vulnerability, CVE-2022-40684, allowing for authentication bypass to manipulate admin SSH keys, unauthorized downloading of configuration files, and creating of super admin accounts, has put a big target on the backs of unpatched and exposed Fortinet devices.

What's the Difference Between Red Teaming and Penetration Testing?

When discussing cybersecurity, “penetration testing” and “red teaming” are two terms that are often used interchangeably but are two entirely separate concepts. If you are considering implementing additional cybersecurity protocols within your organization, it’s essential to understand the unique role and function of each of these processes and how they can benefit your organization.

K-12 schools are struggling with cybersecurity - Here's how a SIEM can help

K-12 school districts in the U.S. are struggling with cybersecurity. According to an October 2022 GAO report, ransomware attacks have cost schools up to three weeks of missed learning. The GAO also noted that recovery can take as long as nine months. In January 2021, 3,000 K-12 public schools in the U.S. were victim to a large-scale worldwide cyberattack.

How To Hide API Keys, Credentials and Authentication Tokens on Github

Back in 2018, GitHub celebrated 100 million open source repositories, and it has only been growing since then. How can you make sure your sensitive credentials and authentication tokens aren’t exposed to access by the public? Read this blogpost to learn how to save your API keys and other important data from being disclosed.

How To Explain Cyber Security To Management

James Rees talks about the difficulty of explaining why you need cybersecurity in terms of ROI or Return On Investment to management. Connect with James Rees Hello, I am James Rees, the host of the Razorwire Podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Active Directory Delegation Overview

Understanding Active Directory (AD) permissions is vital for cybersecurity, compliance and business continuity. In this blog, we’ll be going over, at a high level, how Active Directory permission are applied in a domain and how to view them natively. The most common way to apply Active Directory permissions is through the tool Active Directory Users and Computers (ADUC). There are two ways in ADUC to apply permissions: This blog post will cover both of these options.