Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

The Invisible Battleground: Essentials of EASM

Know your enemy – inside and out. External Attack Surface Management tools are an effective way to understand externally facing threats and help plan cyber defenses accordingly. Let’s discuss what EASM is, how to use it, and what other pieces are involved to help one see through the fog of war that is your external network security posture.

EDR - The Multi-Tool of Security Defenses

This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. If your organization has computers, and I’m sure it does, then it's likely it has an Endpoint Detection and Response (EDR) solution installed. Since the capabilities of EDR solutions have changed over the years, it’s recommended to re-evaluate the solution’s features periodically to ensure it is up to date.

Unlocking the Power of Offensive Security: Trustwave's Proactive Approach to Cyber Defense

Clients often conflate Offensive Security with penetration testing, yet they serve distinct purposes within cybersecurity. Offensive Security is a broad term encompassing strategies to protect against cyber threats, while penetration testing is a specific activity where security teams test system vulnerabilities. At its essence, Offensive Security isn't just about reacting to vulnerabilities; it's about actively hunting down and neutralizing potential threats before they wreak havoc.

Behind the Scenes of the Change Healthcare Ransomware Attack Cyber Gang Dispute

April 16, 2024: UnitedHealth Group, parent of Change Healthcare, reported on April 16, 2024 in its Q1 results a negative impact of $872 million “in unfavorable cyberattack effects” due to cyberattack direct response costs and the business disruption impacts. The company anticipates additional costs associated with the attack.

Law Enforcement Must Keep up the Pressure on Cybergangs

The (apparent) takedown of major ransomware players like Blackcat/ALPHV and LockBit and the threat groups’ (apparent) revival is a prime example of the Whack-a-Mole nature of combating ransomware gangs that often takes place. However, this level of difficulty doesn’t mean the pressure should be relieved.

Effective Cybersecurity Incident Response: What to Expect from Your MDR Provider

Companies engage with a managed detection and response (MDR) provider to help ensure they detect cyber threats before they do any damage. The "response" part of the MDR moniker is key to that effort, making it vital to determine up front exactly what your chosen provider will do when it detects a threat in your environment.

The Secret Cipher: Modern Data Loss Prevention Solutions

This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Far too many organizations place Data Loss Prevention (DLP) and Data Protection at the bottom of their priority list due to the perceived difficulty in its deployment. When there are in fact some easy approaches to getting started with protecting your data.

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

A command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations that may enable a remote, unauthenticated attacker to execute arbitrary code with root privileges on the firewall. These specific versions require configurations for GlobalProtect gateway and device telemetry enabled.