Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Don't let supply chain security risks poison your organization

Supply chain security risks are not new, but recent headlines are a reminder for consumers to re-examine their security practices. The story about the guy who hit his mule between the eyes with a 2×4 to “get his attention first” so the beast would then obey his gently whispered commands is memorable because it uses humor to make a serious point: Don’t wait to get clobbered before you pay attention to exhortations about what you ought to do.

Splunk for OT Security V2: SOAR and More

In the last 90 days, the news of cyberattacks on critical infrastructure has been stunning. From the unprecedented breach represented by Sunburst to the more recent bone-chilling attack at the Oldsmar water facility, the urgency to secure critical infrastructure in transportation, utilities, energy, water, critical manufacturing, telecommunications, healthcare, government facilities and the defense sector has never been higher.

Human Resource and Security Teams Should Work Jointly to Reduce the Risk of Cyberattacks

COVID-19 has not only changed the way we live but also forced many changes to standard business processes. This article will explore some challenges around human resource (HR) hiring, offboarding and contracting activities. As companies in multiple jurisdictions continue to look for advice from state and federal authorities on COVID-19 safe work plans, this article offers some security considerations from a physical security as well as cyber security perspective.

How to prevent supply chain attacks with Honeytokens

Honeytokens act like tripwires, alerting organizations of malicious threats lurking at the footsteps of their sensitive data. They're a very effective intrusion detection system. So effective, in fact, that the European Union Agency for Cybersecurity (ENISA) highly recommends their use in network security. If strategically distributed thought an ecosystem, honeytokens could event prevent supply chain attacks.

Securing your modern software supply chain

Software supply chain security concerns are more prevalent than ever. The U.S. Pentagon, Department of State, Department of Homeland Security, Microsoft, FireEye – this is just a partial list of the government agencies and companies hacked as a result of the attack on SolarWinds’ proprietary software – the Orion network monitoring program.

SolarWinds Orion Security Breach: A Shift In The Software Supply Chain Paradigm

The recent SolarWinds breach highlights a new paradigm in the Software Supply Chain. When compared simply to the code itself without any additional tools, Proprietary Code is no more secure than Open Source. By contrast, many would argue that Open Source Code is more secure due to a faster fix/patch/update cycle and the pervasive access to source code (Clarke, Dorwin, and Nash, n.d.).

What is Social Engineering?

The phrase “social engineering” sounds innocuous — but, this approach to hacking threatens organizations of all sizes. Social engineering may be an unfamiliar term, but the attacks that fall under this category are well-known. For instance, phishing attacks and ransomware attacks have seen massive increases in the last year. By some estimates, ransomware is up 700% and phishing campaigns are up over 200%.

How to prevent supply chain attacks with an Assume Breach mentality

Supply chain attacks are on the rise, yet few businesses are equipped to face this threat. This could be due to a growing despondency towards cybersecurity in light of the SolarWinds attack. If the nation-state hackers were sophisticated enough to bypass highly-secure Government agency critical infrastructures, how could any organization prevent a supply chain attack? The answer is a change of mindset - don't assume a supply chain attack might occur, assume it will occur.

The SolarWinds Hack: What Went Wrong With Missing Alarms and How To Fix It

A few days ago, on February 23, the US Senate Intelligence Committee held a hearing with executives from SolarWinds, FireEye, CrowdStrike and Microsoft about the SolarWinds hack. It’s worth listening in full, but we want to focus on one particular aspect described by the participants – the malware shutting down endpoint monitoring agents.

XSS Attack Examples and Mitigations

Cross-site scripting (XSS) is an attack that allows JavaScript from one site to run on another. XSS is interesting not due to the technical difficulty of the attack but rather because it exploits some of the core security mechanisms of web browsers and because of its sheer pervasiveness. Understanding XSS and its mitigations provides substantial insight into how the web works and how sites are safely (and unsafely) isolated from each other.