In January 2019 AsyncRAT was released as an open source remote administration tool project on GitHub. AsyncRAT is a popular malware commodity and tools used by attackers and APT groups. Threat actors and adversaries used several interesting script loaders and spear phishing attachments to deliver AsyncRAT to targeted hosts or networks in different campaigns.

Looking for a stable job in tech? Cybersecurity is one of the fastest growing employment segments — with a zero percent unemployment rate! This is a promising field for new graduates in the technology sector with strong backgrounds in systems design, data and mathematics. What roles and responsibilities can you expect in the cybersecurity domain? Here is a list of cybersecurity roles, their responsibilities, skills required and average annual salary.

Enterprises these days are facing a triple threat: stiffer government policies, volatile cyberspace and an extra-competitive economy. And without a well-planned strategy, it will be hard to survive all these and hit high-performance goals. Hence the need for an effective GRC strategy. Since its invention in 2003, GRC as a strategy for achieving organizational goals amidst uncertainty and with integrity, has stayed true to its primary purpose. Despite the increasing turbulence in the economy.

As security practitioners, we like to read blogs, whitepapers, and even Mastodon “toots” that talk about new or novel threats and vulnerabilities. Recently, our fearless and never sleeping Security Strategist Leader James Brodsky called attention to a blog post from a researcher that highlighted the risks of password disclosure in authentication logs.

Most dynamic web applications and sites — ones that store and process user information — use some sort of database implementation. One of the most common implementations involves SQL. Structured Query Language is a standard language for relational database management systems (RDBMS). It lets you query database records, change and modify them, set permissions, create custom views and storage procedures.

Zero-Day” is an intriguing concept in the domain of cybersecurity. Imagine diligently following security best practices such as patching exploits and updating the systems regularly. Plus, you’re following strict risk management and governance frameworks within the organization to vet new software applications for security risk before adding them to your library. But what happens when the security flaws are novel — and a patch does not exist?

Malicious software like ransomware often use tactics, techniques, and procedures such as copying malicious files to the local machine to propagate themselves across the network. A few years ago, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services issued a joint cybersecurity advisory to ward off potential harm from threat actors for at-risk entities.

In recent years, there have been several high-profile cyber attacks that have involved the abuse of digital certificates. Digital certificates are electronic credentials that verify the identity of an entity, such as a person, organization, or device, and establish trust between parties in online transactions. They are commonly used to encrypt and sign data, authenticate users and devices, and secure network communications.

Digital rights management (DRM) is a set of technologies, tools and techniques to protect your copyrighted digital content from unauthorized copying, sharing or usage. Content creators, organizations and distributors typically implement DRM to control access to their intellectual or sensitive property and ensure that it is only used by the terms and conditions they have established. It also helps companies secure their files and enables safe sharing, so they don’t land in the wrong hands.