April 15 2024 Cyber Threat Intelligence Briefing
This weeks' briefing covers: Dive deeper: playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Password Length vs Complexity: Which Is More Important?
In this video, learn about the differences between password length and complexity, which is more important, and four tips to improve password security in your organization. Learn more about: Resources and social media: Transcript: It’s no secret that passwords aren’t foolproof. In fact, the most common way that hackers infiltrate an organization is through stolen credentials. But until the day that everything has shifted to passwordless authentication, passwords are still necessary. So, how can we make them as strong and effective as possible?
Step-by-step configuration of Files & Folders Recovery
File-level recovery is a great feature of BDRSuite, It allows you to perform granular restores of files or folders from the backed up disk. Watch this video and learn how quick and easy it is to setup and facilitate a granular recovery.
Effective Cybersecurity Incident Response: What to Expect from Your MDR Provider
Companies engage with a managed detection and response (MDR) provider to help ensure they detect cyber threats before they do any damage. The "response" part of the MDR moniker is key to that effort, making it vital to determine up front exactly what your chosen provider will do when it detects a threat in your environment.
Palo Alto Networks Vulnerability: CVE-2024-3400
On April 12th, Palo Alto Networks released a CVE advisory for CVE-2024-3400, a critical vulnerability identified in the GlobalProtect Gateway feature of PAN-OS, the operating system for Palo Alto Networks firewalls. This command injection vulnerability allows unauthenticated attackers to execute arbitrary commands with root privileges on the affected devices.
Analysis: FBI's FY23 Cybercrime Report Shows Two Tactics Are On The Rise
I started my career as a Counterintelligence Special Agent in the U.S. Army, quickly learning how to decode the complex signals of security threats. Next, I sharpened my skills in state law enforcement, investigating (and preventing) cybercrime by identifying and mitigating digital threats.
New and Improved Packages from JumpCloud
IT professionals are the people who Make Work Happen™ throughout their organization — so it’s important they have the right tools at their fingertips. We believe that the best tools are those that can adapt to meet their needs as they evolve. This ethos drives the continual investment in the JumpCloud platform based on regular user input and feedback. As we’ve collected and acted upon customer feedback over the last couple of years, the JumpCloud platform has grown significantly.
The Secret Cipher: Modern Data Loss Prevention Solutions
This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Far too many organizations place Data Loss Prevention (DLP) and Data Protection at the bottom of their priority list due to the perceived difficulty in its deployment. When there are in fact some easy approaches to getting started with protecting your data.
DLP Security: Benefits, Implementation, and Common Pitfalls
Regardless of the industry, the risks associated with data loss are significant. Financial services, healthcare, government, technology, and many other fields – all rely heavily on sensitive data. The Identity Theft Resource Center (ITRC) reports that the number of data compromises in the United States hit a record high of 1,802 in 2022. This emphasizes the alarming increase in data security incidents.
Six Ways To Prevent Privilege Escalation Attacks
Organizations need to prevent privilege escalation attacks to protect their sensitive data from unauthorized access. To prevent privilege escalation attacks, organizations should implement least privilege access, follow password security best practices, enforce Multi-Factor Authentication (MFA), keep software up to date, monitor network traffic and regularly run penetration tests.