As organizations continue to move their business operations into the cloud, the expanded attack surface generated by the “digital transformation” continues to present new opportunities for threat actors. Luckily, strategies to mitigate these new risks do exist and, as always, these center around the techniques and tactics of the adversaries.
In Q3 2022, Kroll saw insider threat peak to its highest quarterly level to date, accounting for nearly 35% of all unauthorized access threat incidents. Kroll also observed a number of malware infections via USB this quarter, potentially pointing to wider external factors that may encourage insider threat, such as an increasingly fluid labor market and economic turbulence.
The cybersecurity industry has seen a lot of recent trends. For example, the proliferation of multifactor authentication (MFA) to fight against credential harvesting is a common thread. Threat actors have been creating legitimate-looking phishing campaigns, which have been a big driver for this trend. Although some of the tools for MFA can be complex, proper authentication/authorization is an absolute fundamental that every enterprise should embrace.
Since the start of 2022, multiple law enforcement agencies worldwide have been taking action targeting organized cyber crime activity, including cyber criminals behind phishing and BEC scams, dark web forums, or malware distribution. Here’s Top 10 of the most notable law enforcement ops against cyber crime carried out in the past ten months.
Supply chain risk continues to make headlines, from Solarwinds and Kaseya to last week’s announcement of a patch for the OpenSSL vulnerability, and the latest cybersecurity review from the U.K.’s National Cyber Security Centre highlights the serious threats posed by supply chain attacks.
Today, I would like to show you to a simplified fuzz testing approach that enables secure coding of C and C++ applications. If you read this article to the end, you will learn about an automated security testing approach for C/C++ that can protect your applications against all sorts of memory corruptions and other common C/C++ vulnerabilities.
We like to get things done at 1Password, which is why we’re such big fans of Quick Access in 1Password 8.
The Corelight Labs team prides itself on the ability to create novel Zeek and Suricata detection content that delves deep into packet streams by leveraging the full power of these tools. However this level of additional sophistication is not always required: sometimes there are straightforward approaches that only require queries over standard Zeek logs. It’s always valuable when developing detections to keep in mind that “sometimes simple does just fine.”
As cyber threats intensify and the human and financial resources available to deal with them remain limited, there is a growing need for automation in cybersecurity. The intelligent automation of key cybersecurity processes can significantly improve an organization’s posture and at the same time support under-pressure employees by reducing reliance on manual processes.
Change detection is easy. What is not so easy, is reconciling change. Change reconciliation is where most organizations stumble. What was the change? When was it made? Who made it? Was it authorized? The ability to answer these questions are the elements that comprise change management. Historically, the haste of accomplishing a task consisted of a sysadmin moving full-speed ahead to satisfy the needs of the business.
