Day: April 8, 2022

We have assembled a variety of ideas in this guide for easy access to grab and go security awareness resources!Read more

SpringShell, also known as Spring4Shell, is a vulnerability in the Spring Framework, a widely used open-source framework for building enterprise Java applications.  SpringShell Explained One reason the vulnerability is considered severe is that it allows unauthenticated remote code execution – in other words, by exploiting this vulnerability, an attacker could run commands on a compromised …

What Executives Need to Know About SpringShell (aka Spring4Shell) Read More »

If you’ve been working in InfoSec for a while, you’ve seen your fair share of security protocols and controls. First, it was on-prem hardware that, while challenging for external threats to access, required substantial manual effort to protect. Then, network-based data sharing opened up security controls to threats outside your four walls, but the security …

Overcome Security Issues Raised by Cloud Computing Read More »

Lauren Womack April 8th, 2022 When people talk about revolutions in agricultural history, they generally agree that the first revolution was the transition from hunting and gathering to farming. The second transformation coincided with the industrial revolution and mechanized farming while increasing farmers’ market access with faster transportation. The third revolution revolved around hybridization and …

Does a Faster Network Make for Safer Food? Read More »

Initial attempt to set up the device, use the phone app, and set up a VLAN This post is part of a series on an adventure to connect a PFSense firewall and a Ubiquiti Dream Machine Pro. See the bottom of the post for all the posts in this series. This is just me clicking around trying …

Ubiquiti Dream Machine Pro ~ First Impressions Read More »

For many CISOs, “what’s the ROI from our cybersecurity tools?” is one of the most difficult questions they face during a board meeting. While it should be a simple question, it’s not easy to answer. Often CISOs may deflect and use operational security metrics, such as mean time to patch. However, operational security metrics aren’t …

Dear CISO, What’s the ROI of Our Cybersecurity Investments? Read More »

The Conti ransomware group —a.k.a. Wizard Spider; a.k.a. TrickBot; a.k.a Ryuk—is one of the most prolific ransomware gangs around. It is believed to have been active, in various incarnations, since about 2016. Just in the last year, Conti is believed to be responsible for high profile attacks, including the city government in Tulsa, Oklahoma and …

Conti pivots as ransomware as a service struggles Read More »

The web3 environment is both centralized and decentralized because of the intersection between some centralized entities and decentralized protocols. Conversely, navigating the decentralized aspect of the web3 space requires some basic understanding of the space. The decentralization of blockchain embodied various attributes and security responsibilities and as a decentralized environment, we must step up and …

Web3 Security: Tips to Protect Yourself and Your Crypto Wallet from Hackers Read More »

By Kim Crawley The hacktivist group Anonymous recently made headlines for its declaration of a “cyber war” against Russia in response to President Vladimir Putin’s decision to invade neighboring Ukraine. This is just one of many high-profile hacks claimed by Anonymous in the past decade.  While Anonymous may be famous for their politically motivated, and …

WE’RE IN! Episode 15: Anonymous, Their History and Influence on Today’s Hacker Culture Read More »

#top .av-special-heading.av-knywxz-07e1449a02ef1427737d314fde503927{ padding-bottom:10px; } body .av-special-heading.av-knywxz-07e1449a02ef1427737d314fde503927 .av-special-heading-tag .heading-char{ font-size:25px; } .av-special-heading.av-knywxz-07e1449a02ef1427737d314fde503927 .av-subheading{ font-size:15px; } Monthly Threat Actor Group Intelligence Report, January 2022 (ENG) This document is an overview of threat actor group activities as analyzed by NSHC ThreatRecon team, based on data and information collected since 21 December 2021 to 20 January 2022. #top .av-special-heading.av-jscl07-7d95ff2076e27f805218e05beca8ef0d{ …

Monthly Threat Actor Group Intelligence Report, January 2022 (ENG) Read More »

Estimated reading time: 3 minutes The Internet, as we all know it, is approaching a crossroads. The issues it’s currently facing are associated with the centralized model of computing (top-down, data-driven, and not necessarily human-centric), during which a finite number of private entities control the information. In this blog, we have explained how Web 3.0 …

Explained: What is Web3.0 and Why Does it Matter? Read More »

Disclosure: This post focuses on Jscrambler, a JavaScript protection product to which the author is affiliated (as CTO). Node.js is an extremely popular and open-source JavaScript runtime environment to create server-side applications. This tutorial will explain how to integrate Jscrambler seamlessly into the build process of a typical Node.js app in just a few minutes. …

Defend your Node.js Apps With Jscrambler Read More »

The rapid growth of digital involvement in our daily activities has increased the level of exposing our personal data on the web more than ever. In fact, a recent report shows that Global internet users have climbed to 4.95 billion at the start of 2022, with internet penetration now standing at 62.5 percent of the …

Cybersecurity Tips To Protect Yourself From Sudden Attacks Read More »

AI and blockchain technologies have been working side by side to protect users in cyberspaces. Personal data, financial transactions, and other sensitive information required to complete daily online tasks are stored by third parties. Cybersecurity has become a persistent threat to governments, national institutions, businesses, and customers in the past decade. If we are discussing …

How AI Can Protect the Blockchain Read More »