Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Understanding Allow anonymous SID/Name translation in Windows

In a network each user, whether verified or not, is given a security identifier (SID), a virtual name tag. This unique identifier helps with managing users, giving administrators the ability to control on an individual level the rights and permissions of users, authentication and providing an overall level of security. A SID also hides private information of users such as the real names of the accounts, adding an additional layer of protection.

10 Information Security Policies Every Organization Should Implement

Creating and implementing information security policies (ISPs) may seem like a formality to some. However, ISPs can form the backbone of your organization’s data security posture. Information security policies and procedures may help you prevent breaches of sensitive data as well as safeguard your reputation and finances by defining what’s allowed within your organization and what’s not. Nonetheless, developing an efficient security policy may be a lengthy and daunting task.

CrowdStrike Falcon Wins Best EDR Annual Security Award in SE Labs Evaluations

The CrowdStrike Falcon platform has received the Best Endpoint Detection and Response 2024 Award from SE Labs for the third consecutive year. This award honors CrowdStrike’s leadership in demonstrated detection, prevention and investigation capabilities.

Vendor Risk Management Assessment Matrix (Clearly Defined)

A vendor risk management assessment matrix could enhance your visibility into vendor risk exposure, helping you make more efficient risk management decisions. In this post, explain what a vendor risk assessment matrix is, how to use it, and provide a step-by-step guide for designing your own.

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

A command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations that may enable a remote, unauthenticated attacker to execute arbitrary code with root privileges on the firewall. These specific versions require configurations for GlobalProtect gateway and device telemetry enabled.

UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester Council is another real life cybercrime added to a growing list of attacks in the UK.

What is Incident Response?

Incident response is a crucial aspect of cybersecurity that involves identifying, containment, eradicating, and recovering from security incidents. It is designed to minimise the impact of security breaches, protect sensitive data, and restore normal operations as quickly as possible. To facilitate a smooth incident response, organisations should create a comprehensive checklist that outlines the necessary steps, resources, and communication channels.

The Power of Red and Purple Team Drills in Enhancing Offensive Security Programs

Despite investing in costly security solutions, keeping up with patches, and educating employees about suspicious emails, breaches still occur, leaving many organizations to wonder why they are vulnerable and which security areas need improvement.

Splunk SOAR Playbook of the Month: Cisco Umbrella DNS Denylisting

Given the recent exciting news of Splunk becoming part of Cisco, for this edition of Splunk SOAR Playbook of the Month, we thought what better way to showcase how the combination of Cisco and Splunk can help users achieve more comprehensive security than through a playbook that combines the power of Cisco Umbrella and Splunk SOAR.

Unveiling the KryptonZambie Leak of PureB2B.co.uk Database

In the ever-evolving landscape of cybersecurity threats, staying ahead of potential risks is paramount. Today, we delve into a recent breach uncovered by the Foresiet Threat Intelligence Team. Our focus centers on the infiltration of PureB2B.co.uk's database by the threat actor known as KryptonZambie, shedding light on the implications and strategies for mitigation.