Security Bloggers Network

Latest Posts

Our thanks to BSides Calgary and Conference Speakers for publishing their outstanding presentations, which originally appeared at the group's BSides Calgary 2020 Conference, and on the Organization's YouTube Channel. Enjoy! Permalink ...
|
via the comic delivery system monikered Randall Munroe resident at XKCD! Permalink ...
|
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore the possibilities and challenges of a passwordless era. This past year has been difficult for organizations globally, … The post Five worthy reads: Are we ready for a passwordless future? appeared first ...
|
In 2016 the National Socialist Movement (NSM) of America claimed to be “buoyed by a Donald Trump victory”, and announced a shift in symbols they considered headline-worthy: “…white supremacists ban swastika in bold attempt to ‘go mainstream’.” The Odal rune, a less-well-known Nazi Germany symbol, will take the place of the swastika on all official ...
|
New York Times reporter Nicole Perlroth has written a book on zero-days and nation-state hacking entitled “This Is How They Tell Me The World Ends”. Here is my review. I’m not sure what the book intends to be. The blurbs from the publisher imply a work of investigative journalism, in which case it’s full of unforgivable ...
|
Going to the office, shopping at the mall, and travelling all seem like a distant memory. But while many look... The post Modern Identities for the Digital First World appeared first on Entrust Blog ...
|
Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK provides… The post Network Threat Hunting Made Easy With the MistNet NDR MITRE ATT&CK™ Engine appeared ...
|
The data is clear: there was a 25% increase in ransomware attacks in the first quarter of 2020 compared with the fourth quarter of 2019. Others, such as phishing attacks and distributed denial-of-service (DDoS) attacks, also … The post Seven cybersecurity practices every organization should implement appeared first ...
|
The evolution of cybersecurity has kept pace with the development of communication technology. As we progressed from telegraphs to smartphones, so did cyberattacks, from the Morris worm to Stuxnet and, more recently, Snake ransomware. We have come a long … The post Evolution of cybersecurity: A brief timeline appeared first on ManageEngine ...
|
A security operations center (SOC) analyst is an integral part of a team responsible for keeping the company protected against cybercrime. The SOC analyst is a security professional who deals with the good and the bad, detecting … The post A day in the life of a SOC analyst appeared first on ManageEngine ...
|
Google and the Linux Foundation announced this week they will underwrite two full-time maintainers for Linux kernel security development. Gustavo Silva is currently working full time on eliminating several classes of buffer overflows by transforming all instances of zero-length and one-element arrays into flexible-array members, which is the preferred and least error-prone mechanism to declare ...
|
Security Boulevard
Posted under: Research and Analysis As discussed in the first post in the Infrastructure Hygiene series, the most basic advice we can give on security is to do the fundamentals well. That doesn’t insulate you from determined and well-funded adversaries or space alien cyber attacks, but it will eliminate the path of least resistance that ...
|
Black History Month Spotlight: Jane-Glenna Anthony michelle Fri, 02/26/2021 - 10:26 We're celebrating Black History Month by spotlighting our outstanding team members whose exemplary work furthers the mission of our company every day. Meet Jane-Glenna Anthony on our Technical Services team. Feb 26, 2021 What inspired you to join Delphix? First, Delphix has a great ...
|
Creating HIPAA compliant apps requires robust application protection measures. Here’s what you need to know. The post How application protection helps HIPAA compliance appeared first on Intertrust Technologies ...
|
We’re back after a skipped Security News in Review last week. In this week’s edition of our roundup of the biggest cybersecurity news stories, we have reporting on ransomware attacks shutting down Underwriters Laboratories and a payment processor widely used by state and municipal governments, as well as a report on Google partnering with the ...
|
A really nasty remote code execution vulnerability is being exploited right now. VMware vCenter can be trivially broken into ...
|
Security Boulevard
In our latest episode of AppSec Decoded, we explore the main drivers of DevSecOps adoption as noted in the BSIMM11 report. The post AppSec Decoded: What is driving DevSecOps adoption? appeared first on Software Integrity Blog ...
|
“I feel the need – the need for speed.” Pete “Maverick” Mitchell’s phrases in Top Gun (1986) stand true for today’s application development world, where it is important to deliver. The post Faster, Better, Safer – With Little Help of Web Application Security Testing Tools appeared first on Indusface ...
|
LogRhythm announced multiple areas of growth as a result of customer- and employee-centric initiatives implemented in 2020. These include increases in the amount of data being protected by customers using the LogRhythm NextGen SIEM Platform and the introduction of new programs designed to promote holistic employee well-being. In addition to supporting customers’ and employees’ successes during ...
|
By Paul Kehrer It is a truism in modern software development that a robust continuous integration (CI) system is necessary. But many projects suffer from CI that feels brittle, frustrates developers, and actively impedes development velocity. Why is this? What can you do to avoid the common CI pitfalls? Continuous Integration Needs a Purpose CI ...
|
Those who follow me on social media already know this, but we have launched THE Cloud Security Podcast. TL;DR: Find this on Google Podcasts, Apple Podcasts, Spotify, Stitcher and wherever else podcasts can be found. You can also download the episodes directly here. Follow @CloudSecPodcast. The whole story from our GCP blog is cross-posted below: Security continues to be top ...
|
The post TAG Cyber Evaluation: Frontline Vulnerability Manager™ appeared first on Digital Defense, Inc ...
|
Drive-by downloads deliver threats that range in severity from privacy violations to injecting malware onto your devices. Preventing drive-by downloads can be tricky, due to the stealthy nature of these attacks – many victims are unaware that a drive-by download has even occurred. What is a Drive-By Download? A ...
|
IT management and endpoint security challenges are arising due to fluctuating work environments. Organizations are now forced to optimize and innovate faster than ever before. With a portion of their workforce returning to offices and another portion continuing to work … The post Enhance endpoint security for remote workers using holistic UEM [Webinar] appeared first on ...
|
Last week, a malware dubbed “Silver Sparrow” was discovered by Red Canary. The malware targets MacOS machines with either x86 or M1 chips. Silver Sparrow installations were found in approximately 30K MacOS endpoints across 153 countries, mainly the US, UK, Canada, France, and Germany, a fact that could indicate a large-scale campaign. Hunters’ security research...The ...
|
Almost a year ago, the world turned upside down and seemingly everything changed due to the COVID-19 pandemic. In that time, entire workforces went – and stayed – home, cloud adoption skyrocketed and digital transformation ...
|
Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.” From the introduction: Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to “sell” it. Data is not ...
|
In the first part of this blog series, we saw a brief overview of what a security operations center (SOC) is and how it operates. In this part, we’ll take a look at the typical activities that SOC analysts carry … The post Security operations center, Part 2: Life of a SOC analyst appeared first ...
|
Article by Greg Foss, Senior Cyber Security Strategist, VMware Carbon Black. Wherever there is disruption, cybercriminals see opportunity. Alongside the devastating health and economic impacts of the global coronavirus pandemic, we have also seen a huge escalation in ransomware attacks as people shifted to working from home. VMware Carbon Black threat researchers have recorded a 900% ...
|
Parliament in Australia is reviewing the proposed Online Safety Bill 2021, which would in essence extend the cyberbullying rules protecting children so that adults are protected in the same way. The bill also expands children’s protection by giving them the right to be free from harmful content not only in the realms of social media, ...
|
Enterprises and their staff dealt with a lot of change in 2020. The pandemic and resulting lockdowns forced organizations to allow staff to work from home. This vastly increased mobility, cloud computing and social networking usage; in some cases, this transition occurred before companies and staff were fully prepared. Work from home (WFH) moved insiders ...
|
Security Boulevard
Organizations need a Security-driven Networking approach that combines networking and security into a holistic solution to protect any edge the moment it is created. Learn how to achieve this ...
|
With Zero Trust Access, the entire concept of trusted and untrusted zones no longer applies. Learn how the most effective strategy is a holistic approach that delivers visibility and control by focusing on three key areas ...
|
Last year saw a tremendous shift in security priorities following enterprises’ response to the pandemic. The good news is, business leadership is now paying more attention to information security. The bad news is, enterprise security teams have a lot of work ahead. According to a survey conducted by IDG on behalf of integration services provider ...
|
Security Boulevard
The healthcare sector is undergoing digitalization and adopts new technologies to improve patient care, offer new services for remote patients and reach operational excellence. The integration of new technologies in the complex healthcare IT infrastructure creates new challenges regarding data protection and cybersecurity. On the one hand, the COVID-19 pandemic has been a driver for ...
|
For today’s security professionals, managing risk is arguably the most critical and challenging part of their job–and quite ... The post Integrated Risk Management for Your Business appeared first on Hyperproof ...
|
Microsoft estimates it would take 1,000 to carry out the famous SolarWinds hacker attacks. This means in reality that it was probably fewer than 100 skilled engineers. I base this claim on the following Tweet: When asked why they think it was 1,000 devs, Brad Smith says they saw an elaborate and persistent set of ...
|
Customer onboarding is one of the more delicate components of marketing. This process can make or break a business. In addition to increasing the revenue, it also allows businesses to create relationships with their customers ...
|
Positive customer relations help you connect with your customers on a much more personal level. When you connect with the target audience deeply, you are much more likely to understand their requirements, resolve their problems, and create a sense of mutual understanding ...
|
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the infected database whenever the trigger condition is met. What makes this especially problematic for website owners is that most malware cleanup guides focus ...
|
The U.S. Labor Department's inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That's a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To ...
|
Don’t be afraid of the buzz-word industry cybersecurity. If I can do it, so can you. Your so-called ‘non-standard’ background might be your biggest asset. The cybersecurity industry may sound nerdy and intimidating, but the fact is that it offers a lot of interesting professional opportunities to those who are ready to learn and hone ...
|
Welcome to Part 4 of our series examining how to select the best security, orchestration, automation and response (SOAR) solution... The post Selecting the Best SOAR Solution Series: Throw the (Play)book at ‘Em! (Part 4) appeared first on Siemplify ...
|
Secrets in code are a pervasive and ever increasing attack vector in modern software companies. If you’ve ever used a secret scanning tool to detect secrets in your code, you’ve probably had to deal with the overwhelming amount of false positives. In some cases, the level of noise is so high that it can be ...
|
Social media phishing scammers are proliferating as cybercriminals look for ways to capture credentials & data in a challenging economy ...
|
Ensuring access to corporate resources has always been a priority for administrators and IT teams. After the pandemic, workforces are more distributed than ever, and 76 percent of … The post Why are VPNs on mobile devices crucial to protect the ...
|