Data destruction is an aggressive attack technique observed in several nation-state campaigns. This technique under MITRE ATT&CK 1485, describes actions of adversaries that may “..destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources. Data destruction is likely to render stored data irrecoverable by forensic techniques through overwriting files or data on local and remote drives”.

For some organizations, even the best isn’t quite enough. That’s why JFrog Xray provides a way for you to specify your own additional data, to detect even more sensitive issues in your binaries before they can reach production. JFrog Xray is a tool for DevSecOps teams to gain insight into the open source components used in their applications.

There are many SecurityScorecard alternatives that offer the same core functionality your organization needs to successfully manage first-party, third-party and fourth-party risk. SecurityScorecard is one of the most well-known security ratings platforms but let's look at an alternative and see how they stack up. These security ratings providers are promising to reduce cybersecurity risk by continuously monitoring the security posture of any company in the world, instantly and non-intrusively.

Canadian online pharmacy PlanetDrugsDirect.com has contacted customers warning them that their data might have been exposed in what they euphemistically describe as a “data security incident”. In an email seen by Bleeping Computer, the website warned that exposed personal data could include the following: The email is, unfortunately, somewhat lacking in detail – meaning that concerned customers may have to contact PlanetDrugsDirect via email or telephone to ask questions.

Learn how INETCO helped banks, credit unions and payment service providers improve customer experience, detect fraud faster and optimize transaction performance in 2019.

Bearer's co-founders Guillaume and Cédric are big advocates for remote work. Both have written about the advantages and challenges in the past on the Bearer Blog, but today I want to share some thoughts from our team on what it's like working for a distributed, fully remote company. A few main trends came up. Some expected, and a few surprising.

Bearer's co-founders Guillaume and Cédric are big advocates for remote work. Both have written about the advantages and challenges in the past on the Bearer Blog, but today I want to share some thoughts from our team on what it's like working for a distributed, fully remote company. A few main trends came up. Some expected, and a few surprising.

AWS VPC Flow Logs record details about the traffic passing through your application, including requests that were allowed or denied according to your ACL (access control list) rules. It also has information about the IP addresses, and ports for each request, the number of packets, bytes sent, and timestamps for each request. This information brings deep visibility and the ability to improve your security posture over time.

In 2019, several industry analyst reports confused the threat groups Molerats and APT-C-37 due to their similarity, and this has led to some confusion and inaccuracy of attribution. For example, both groups target the Middle East and North Africa region (with a special emphasis on Palestine territories). And, they both approach victims through the use of phishing emails that contain decoy documents (mostly in Arabic) and contain themes concerning the political situation in the area.

Not long ago, Microsoft announced the upcoming launch of its all-new version of the Edge browser that’s built on Chromium. The launch date for the new Chromium-based Edge browser, January 15, 2020, is almost here, and we on the Browser Security Plus team are ready to provide Edge browser management support for all versions. How can Browser Security Plus manage the new Edge?