Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Memory forensics plays a crucial role in digital investigations, allowing forensic analysts to extract valuable information from a computer's volatile memory. Two popular tools in this field are Volatility Workbench and Volatility Framework. This article aims to compare and explore these tools, highlighting their features and differences to help investigators choose the right one for their needs.

Kroll’s Cyber Threat Intelligence (CTI) team has been tracking an uptick in phishing campaigns utilizing open redirects. Open redirects are vulnerabilities commonly found on websites that allow for the manipulation of legitimate URLs, which actors can leverage to redirect users to arbitrary external URLs. They occur when a website allows for user-supplied input as part of a URL parameter in a redirect link, without proper validation or sanitization.

Ensuring your threat detection rules work as intended and provide sufficient coverage for major threats is a critical component of a security program. Red Canary’s Atomic Red Team—an open source library of detection tests that help teams validate the effectiveness of their security measures—has historically been the tool of choice for detection testing.

While security teams may “run on Dunkin’,” companies run on applications. From Salesforce and Hubspot to ServiceNow and Jira, your organization relies on a complex, interconnected application ecosystem. In 2022, organizations used an average of 130 Software-as-a-Service (SaaS) applications. While these technologies enabled them to reduce costs and achieve revenue targets, they created new security risks.

In the dynamic and ever-shifting realm of cybersecurity, the Directive on measures for a high common level of cybersecurity across the Union (NIS2 Directive) has emerged as a cornerstone framework, designed to ensure the safety of critical network and information systems across the European Union. This recent directive, which has entered into force, holds considerable significance, casting far-reaching implications for diverse sectors and entities operating within the EU.

Your website or application must be set up within communications networks in order to be accessible to users. Each connection point to an external environment is a possible attack vector that makes up your attack surface. In order to encrypt traffic between your site and your users, you can set your system up with an SSL certificate that uses SSL/TLS protocols to secure traffic.

One of the most challenging aspects of running an effective Security Operations Center is how to account for the high volume of notable events that ultimately do not present a risk to the business. Some examples of non-risky notable events include a user forgetting their password and submitting it erroneously multiple times in a row, or a user accessing a system (for a completely valid reason) at an odd hour outside of their normal behavior.

GitOps was pioneered by Weeveworks in 2017. It uses familiar tools to implement continuous deployment for cloud-native applications, improving the developer experience of Kubernetes cluster management and application delivery.

Shocking to no one: Artificial Intelligence (AI) was a huge topic at Black Hat USA 2023, but what did we learn about it? With no shortage of talks on it, there are many insights to take into account. We asked highly skilled Software Security Researchers who attended both Black Hat and DEFCON to weigh-in on the most insightful moments, particularly related to AI. Here’s what we found.