Day: April 7, 2022

Cloud Security Podcast by Google — Popular Episodes by Topic

Cloud Security Podcast by Google — Popular Episodes by Topic This is simply a post that categorizes our podcast episodes by topic and then by download/listen count. Top 5 overall “Confidentially Speaking““Data Security in the Cloud““Zero Trust: Fast Forward from 2010 to 2021““The Mysteries of Detection Engineering: Revealed! ““Modern Threat Detection at Google“ Security Operations Center (SOC) “SOC in a Large, Complex and …

Cloud Security Podcast by Google — Popular Episodes by Topic Read More »

PSW #735 – Sean Metcalf & Jay Beale

Paul’s Security Weekly Tue, 31 May 2022 22:18:06 +0000 Wed, 08 Jun 2022 07:39:53 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ production@securityweekly.net (production@securityweekly.net) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly paul@securityweekly.com hacking,security false production@securityweekly.net episodic no PSW #735 – Sean Metcalf & Jay Beale Thu, 07 Apr 2022 21:00:00 +0000 03:25:51 false Podcast full Read more

PSW #735 – Sean Metcalf & Jay Beale

Paul’s Security Weekly Tue, 31 May 2022 22:18:06 +0000 Wed, 08 Jun 2022 07:39:53 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ production@securityweekly.net (production@securityweekly.net) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly paul@securityweekly.com hacking,security false production@securityweekly.net episodic no PSW #735 – Sean Metcalf & Jay Beale Thu, 07 Apr 2022 21:00:00 +0000 03:25:51 false Podcast full Read more

The CIA Triad: A Key Part of Your Cyber Security Program

In a society where data is being transferred constantly each day, it is imperative that fundamental objectives surrounding the security of that data are set in place. What is the CIA Triad? A model that has been trusted and developed over the last 50 years, the CIA Triad is comprised of three key components: ConfidentialityIntegrityAvailability …

The CIA Triad: A Key Part of Your Cyber Security Program Read More »

Fidelis Endpoint delivers 100% detection coverage across all nineteen steps during the 2022 MITRE Engenuity™ Round 4 ATT&CK® Evaluation 

Fidelis Endpoint®, Fidelis Cybersecurity’s Endpoint Detection and Response (EDR) platform, successfully detected overwhelming evidence of malicious activity prior to successfully detecting the execution of ransomware: the final step for each simulated attack during the 2022 MITRE Engenuity™ Round 4 ATT&CK® Evaluation. Fidelis Endpoint successfully provided analytic detections in 100% of the nineteen adversarial steps and …

Fidelis Endpoint delivers 100% detection coverage across all nineteen steps during the 2022 MITRE Engenuity™ Round 4 ATT&CK® Evaluation  Read More »

CIS Benchmarks April 2022 Update

The following CIS Benchmarks have been updated or recently released. We’ve highlighted the major updates below. Each Benchmark includes a full changelog that references all changes. Three New CIS Benchmarks for Linux Devices CIS Rocky Linux 8 Benchmark v1.0.0 includes prescriptive guidance for establishing a secure configuration posture for Rocky Linux 8 systems running on x86_64 …

CIS Benchmarks April 2022 Update Read More »

CTA Webinar – The Cyber Threat Landscape: 2021 Was a Hell of a Ride – 2022 Isn’t Shaping Up Any Better

By Cyber Threat AllianceApril 7, 2022 Join CTA and Radware as Neil, Daniel, and Pascal discuss the most significant threats and trends in the past, present and future. 2021 was a hell of a ride. Ransomware and supply chain attacks led to organizations getting hacked faster than security organizations could count. As organizations embraced a …

CTA Webinar – The Cyber Threat Landscape: 2021 Was a Hell of a Ride – 2022 Isn’t Shaping Up Any Better Read More »

Video: How to successfully move from reactive to preventative security

Hear from BlackBerry about the solutions available for CISOs to adopt a preventative cyber security strategy Add bookmark Watch this exclusive CS Hub conversation on how to successfully move your business from a reactive cyber security posture to a preventative one. Businesses often rush to react to the last cyberattack yet do nothing to prevent …

Video: How to successfully move from reactive to preventative security Read More »

Identity Management Champions: Identity Security is Everyone’s Responsibility

Identity Management Day is about raising awareness of the importance of identity management and securing digital identities, and sharing best practices to help organizations and consumers #beidentitysmart. This year we are proud to recognize almost 200 individuals and organizations who are prioritizing identity management and security as Identity Management Champions. Find out what they have …

Identity Management Champions: Identity Security is Everyone’s Responsibility Read More »

Multi-Cloud vs. Single Cloud: What’s the Difference?

Cloud computing enables organizations to vastly reduce their operational costs, increase efficiency, and become leaner, ultimately making them better able to adapt to change. As speed and agility increasingly become essential to success in the modern, fast-paced digital economy, organizations are deploying more of their applications, assets, and workloads to public clouds.  It appears this …

Multi-Cloud vs. Single Cloud: What’s the Difference? Read More »

The Lapsus$ Threat Reinforces Critical Need to Secure Your Supply Chain

Kim Crawley NVIDIA. Samsung. Microsoft. Okta. Globant. At least one of these Lapsus$ targets could be in your company’s tech supply chain. Regardless, these high-profile attacks highlight how interconnected and dependent IT systems become as companies grow and innovate, and the need to secure your supply chain.  Lapsus$, a global cybercrime group, has a tendency …

The Lapsus$ Threat Reinforces Critical Need to Secure Your Supply Chain Read More »

CITP Case Study on Regulating Facial Recognition Technology in Canada

Canada, like many jurisdictions in the United States, is grappling with the growing usage of facial recognition technology in the private and public sectors. This technology is being deployed at a rapid pace in airports, retail stores, social media platforms, and by law enforcement – with little oversight from the government.  To help address this …

CITP Case Study on Regulating Facial Recognition Technology in Canada Read More »

CVE-2022-26381: Gone by others! Triggering a UAF in Firefox

Release Versus ASAN Behavior When running the PoC against the release version, we got a crash during a dereference of 0xE5E5E5E5E5E5E5E5. However, in the ASAN version, it crashed when writing to memory. Why is there a difference? The reason is as follows: In a release (non-ASAN) build, when freeing an object, its memory remains accessible …

CVE-2022-26381: Gone by others! Triggering a UAF in Firefox Read More »

2021 IoT Security Landscape

1 of 2 networks experience attack or suspicious network traffic behavior IoT devices have been making headlines for many years now, as their usage has grown quickly in many verticals, including industrial, municipal and consumer. More than 1 billion IoT attacks took place in 2021, nearly 900 million of which were IoT-related phishing attacks. SAM’s …

2021 IoT Security Landscape Read More »

Inside the Tanium and Deep Instinct Integration

When Tanium and Deep Instinct joined forces in a new strategic alliance this past November a unique product offering was born. Customers will now get extremely fast and accurate threat prevention capabilities from Deep Instinct combined with full endpoint visibility and control from Tanium.  As Tanium co-founder and CEO Orion Hindawi said of the partnership, “We enable organizations to …

Inside the Tanium and Deep Instinct Integration Read More »

RiskIQ Threat Intelligence Roundup: Trickbot, Magecart, and More Fake Sites Targeting Ukraine 

This week’s roundup again builds on powerful research published by the cybersecurity community about cyberattacks against Ukrainian citizens, refugees, and armed forces, including fraudulent sites attempting to fool people that want to donate money.  The post RiskIQ Threat Intelligence Roundup: Trickbot, Magecart, and More Fake Sites Targeting Ukraine  first appeared on RiskIQ.Read more

How secure is your cloud storage? Mitigating data security risks in the cloud

As cloud systems are increasingly the bedrock on which digital transformation is built, keeping a close eye on how they are secured is an essential cybersecurity best practice For weeks, cybersecurity experts and government agencies have been urging organizations to enhance their cyber-defenses due to the increased threat of cyberattacks amid Russia’s invasion of Ukraine. …

How secure is your cloud storage? Mitigating data security risks in the cloud Read More »

Welcome to our 8th Annual Data Security Incident Response (DSIR) Report. What a year it has been!

Click the image to download the 2022 DSIR Report. 2021 did not turn out the way many of us had hoped. Best-laid plans to “return to normal” were postponed numerous times due to multiple waves of COVID-19 outbreaks and new variants. The steady frequency of ransomware attacks in 2020 continued into 2021, highlighting the serious …

Welcome to our 8th Annual Data Security Incident Response (DSIR) Report. What a year it has been! Read More »

Avoid Becoming a Victim to These Cybersecurity Threats in 2022

Cybercrime is a growing concern for businesses of all types. With the recent shift towards working from home, more office communication is taking place online. This opens the door for sensitive company data to potentially fall into the wrong hands. In this article, we’re going to look at the most common cyber security threats for …

Avoid Becoming a Victim to These Cybersecurity Threats in 2022 Read More »

SPM55: Ascending the Ranks of Indonesian Phishing As A Service Offerings

Who is SPM55? Although SPM55 is a relative newcomer to the Indonesian cybercrime community, a marked uptick in activity and known customers over the last several months suggests this group seeks to scale their business operation, possibly in response to the collapse of competing Indonesia-based phishing vendors. SPM55 offerings target a number of popular services, …

SPM55: Ascending the Ranks of Indonesian Phishing As A Service Offerings Read More »

BSW #257 – Jonathan Gohstand

Paul’s Security Weekly Tue, 31 May 2022 22:18:06 +0000 Wed, 08 Jun 2022 08:33:20 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ production@securityweekly.net (production@securityweekly.net) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly paul@securityweekly.com hacking,security false production@securityweekly.net episodic no BSW #257 – Jonathan Gohstand Thu, 07 Apr 2022 09:00:00 +0000 58:40 false Podcast full Read more