Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Some organizations might think they’re saving money by not investing in proper cybersecurity solutions, but one data breach could bankrupt a company. In fact, the average cost of a data breach has reached an all-time high of $4.35 million, according to a 2022 report by IBM and the Ponemon institute. Companies must take measures to secure their data and avoid potentially dire financial consequences.

When you choose to work with a third party, there's always the risk that they will cause your business harm. The right tools can help you make better-informed decisions about the vendors you choose and spot problems before they occur. Third-party vendors are an important part of any business, but it's important for employers to understand what the risks are when working with these partners.

A focus of this year’s Cybersecurity Awareness Month theme – “See Yourself in Cyber” – are the simple actions that individuals and organizations can take to better protect themselves against cybercrime. Two of those steps are using strong passwords and enabling multi-factor authentication (MFA). It’s easy to see why.

Rclone is a data syncing tool often used by threat actors to exfiltrate data during a ransomware attack. Typically, the actors deploy Rclone after gaining remote access to the victim’s network. However, recently, Kroll experts have noted the use of Rclone in M365, using credentials stolen through network compromises or phishing attacks with minimal privileges to stealthily exfiltrate large amounts of SharePoint/OneDrive data.

Late Thursday, October 6, 2022, Fortinet disclosed a critical remote authentication bypass vulnerability —CVE-2022-40684— impacting FortiOS and FortiProxy. The vulnerability could allow a remote unauthenticated threat actor to obtain access to the administrative interface and perform operations via specially crafted HTTP or HTTPS requests.

By Nate Smolenski In May, the National Institute of Standards and Technology (NIST) released the white paper, “Planning for a Zero Trust Architecture,” which illustrates how agencies can make this transition by leveraging the seven steps of the NIST Risk Management Framework (RMF): Prepare, categorize, select, implement, assess, authorize, and monitor.

Red teams, blue teams, and purple teams, oh my! Many of us have heard these terms, but what exactly do they mean? And where does our individual interest and expertise place us? There are many niche roles within security, but this post will cover the basics of red, blue, and purple teams, and explain how they work together to enhance an organization’s security posture.

You can’t protect your system if you don’t know where the vulnerabilities lie or what aspects of your security architecture are being targeted by threats. Intelligence is everything in security — it’s how CISO’s make large-scale operational decisions, how IT teams prioritize projects, and how responders restore and remediate a system during and after an incident.