The MITRE ATT&CK framework is a universally accepted knowledge-base of tactics, techniques and procedures designed to organize and display how adversaries attack real-world assets. Blue teams use ATT&CK to better understand the multitude of new (and old) attacks and map those to their internal tools and systems.
The European Union Agency for Cybersecurity (ENISA) released in November 2020 its “Cybersecurity in Railways” report to raise awareness about the cybersecurity challenges facing Europe’s railways. The report identifies the current cybersecurity status and challenges as well as proposes cybersecurity measures to combat these challenges and enhance the sector’s security posture.
When I was a software developer, I never joined any dev communities. I didn’t see the point. I also worked evenings as a professional musician and mostly spent time within the music community and sports groups I was a part of. I spent time with my dev friends at work; I didn’t understand why I would want to know devs with whom I didn’t work. I was a senior dev.
Social media is no stranger to scams. However, recent trends show scammers have started to show more aggression toward businesses since the beginning of the pandemic. Being able to recognize these scams can help you prevent injury to your business.
The Canadian Centre for Cyber Security performs evaluations on common IT products and releases a report called “Common Criteria Certification.” This process allows for organizations to review an evaluation without needing to set up and configure an IT product that they would like to test. Tripwire Enterprise v8.8.2.2 was recently evaluated and passed the certification.
Organizations are overwhelmed by the choice of cyber security tools in the market. They need to balance prioritizing and remediating vulnerabilities with managing their secure configurations. What’s more, many organizations are using hybrid clouds where they need to protect assets that are hosted both on premises and in the cloud. This complexity requires a thoughtful approach to cyber security.
Data breaches are becoming increasingly common, and one factor driving this escalation is the fact that today’s IT systems are integrated and interconnected, requiring login information from multiple parties and services. In response, Amazon Web Services has launched the AWS Secrets Manager, a service designed to help organizations get a handle on these “secrets” by storing and accessing them in a secure way.
Picture this: a young person is in a dark room. The only thing visible is their figure, as it is just barely lit by the blinding LEDs of their computer screen. They type furiously on an ergonomic keyboard as thousands of lines of neon green monospace text fly across the screen. Click-clack-click-clack-click-clack.
Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software.
Many organizations are migrating their workloads to the cloud. But there are challenges along the way. Specifically, security leaders are concerned about their ability to protect their cloud-based data using secure configurations.
