Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In an early January post by Mohamed Dabo of Cards International, the CEO of INETCO and the Director of Barclaycard Payment Solutions shared their views on key payment fraud and security issues that will dominate the payments landscape in 2020. Both alluded to the delicate balance between delivering an amazing customer experience, meeting compliance such as the Strong Customer Authentication (SCA) legislation, and trying to keep one step ahead of the fraudsters.

Check Point researchers recently published two vulnerabilities they’d found in Microsoft’s Azure cloud services. These flaws highlight a wave of potential attacks on cloud infrastructure and the exposure of workloads running in multi-tenant cloud environments.

Cybersecurity talent is elusive, resources are dwindling, but hacks are on the rise. We’re addressing these challenges as “must-haves” as we kick off the year is essential to an organization’s cybersecurity strategy. Here are some of the 10 things to know about cybersecurity in 2020. (If you’re interested in hearing more, register for a Cygilant and AT&T Cybersecurity webinar on the topic February 6).

SaaS adoption is continuously on the rise and so is the number of companies migrating their email services to Microsoft Office365. It’s the most popular SaaS service and while over 90% of enterprises use it, only less than a quarter of them have already migrated to the cloud-based suite. Nonetheless, this number is growing steadily, as cloud adoption rates are increasing.

Security ratings or cybersecurity ratings provide risk management and security teams with the information needed to determine whether their vendors' and their own security posture is sufficient to prevent cyber attacks and ensure information security.

Is an electricity provider’s supply chain its weakest link in the event of a cyberattack? The evidence is compelling that third parties often play unwitting roles. For example, the NotPetya ransomware attacks in mid-2017 originally gained a foothold via a backdoor in third-party accounting software. To safeguard North America’s electricity supply, the North American Electric Reliability Corporation (NERC) has issued several critical infrastructure protection (CIP) standards.

In the age of the digital world, owning a Security Operations Center (SOC) is vital for the cybersecurity of every organization. However, it is not necessarily true that every SOC is effective against cyber threats and attacks. The main reason behind this fact is a lack of standardized SOC frameworks. SOC framework requires a document to be designed to provide guidelines, requirements, and specifications in order to support cybersecurity operations effectively.

The AT&T Cybersecurity Alien Labs team is in charge of writing correlation rules and releasing threat intelligence updates on a day-to-day basis. When researchers in the team find new malware families or threats, we always try to find the best approach to keep our customers protected. In this blog, we will look into some of the differences between signatures and correlation rules.