Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or IT teams to focus on, which is where security configuration management (SCM) comes in.

How would you feel about your home security system if it only checked to see if your doors and windows were locked periodically? This security system would provide great visualizations of your house and how a criminal could get from one room to another, ultimately reaching one of your prized possessions, like a safe. However, it doesn’t have cameras on your doorbell or windows to alert you in real time when someone suspicious was approaching, or worse, trying to break into your house.

Occasionally, you get exposed to something so logical that you literally take pause and smile quizzically asking yourself “Why didn’t I think of this before?”

Active Directory (AD) is the cornerstone of any on-premises or hybrid Microsoft environment. It stores information about users, computers and other objects, and provides vital services that enable employees to be productive and business processes to run. This article covers the Active Directory basics you need to know.

Group Policy is a feature of Microsoft Windows operating systems that helps administrators manage and secure users and computers in Active Directory environments. Group Policy settings are grouped into Group Policy objects (GPOs) and applied to computer and user objects within the scope of the GPO. For example, Group Policy objects can be used to manage: This guide explains the key elements of Group Policy management.

The term 'nudge' has become a buzzword in cyber security over recent years, often being mistakenly equated with 'notifications'. CultureAI aims to shift this perception by leveraging Nudge Theory principles to implement actionable Nudges.

Juggling different file formats can become a real headache. If you’ve ever received an incompatible file and are unsure how to access it or what format you need, the best solution is a file converter. However, not all file converters can solve your problem. Many have limits on the number of conversions you can make. For some file converters, you can only convert up to 5 files, leaving you to wait up to an hour until you can use the service again unless you pay for unlimited conversions.

Netskope Threat Labs recently analyzed a new ransomware strain named Evil Ant. Evil Ant ransomware is a Python-based malware compiled using PyInstaller that looks to encrypt all files stored on the victim’s personal folders and external drives. This ransomware strain requires process continuity from encryption until file recovery. Rebooting, shutting down, or ending the ransomware process will make affected files unrecoverable.

Microsoft and Google were the most frequently impersonated brands in phishing attacks during the first quarter of 2024, according to a report from Check Point. Microsoft-themed phishing attempts accounted for 38% of attacks in Q1 2024, while Google came in at a distant second with 11%. Notably, phishing attacks impersonating vacation rental company Airbnb have spiked over the past few weeks.

In a new report, Cisco says the cyber readiness of organizations is lacking despite having experienced multiple cyber attacks within the last year. The maturity of an organization’s state of cyber readiness may very well dictate the outcome of an attack; it’s one thing to have a bunch of solutions in place, and it’s completely another to have the right solutions, policies, practices, and plans in place to address cyber risks.