Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Review and Approve Part 11-Compliant Regulated Documents with Egnyte for Life Sciences

Life sciences teams are more decentralized than ever, yet the need for speed persists. Even before the pandemic, the ability to bring together quality, clinical, and regulatory personnel to hit project timelines is what separated successful projects from those that languished. The pandemic added another barrier to an already complex venture.

Case Study - Electronic Gift Card Fraud Investigation Uncovers Contractual Risks

Having closed brick-and-mortar operations on March 16, 2020 for safety reasons, the nearly overnight shift to a purely e-commerce revenue model brought uncertainty. However, a rapid uptick in online sales provided a sense of relief, albeit short-lived. Our client became concerned when a closer look at the online transactions revealed an unusually large volume of electronic gift card purchases made using their private label credit card.

Are Your IT Infrastructures Up to Date with the Cybersecurity Compliance Laws in 2021?

It’s an unfortunate fact that cybersecurity is rarely the foremost of concerns among small- to medium-sized businesses. However, investing in cybersecurity is becoming even more important as these organizations undergo digital transformation. It may seem like there are more important priorities on which a small business could focus, but putting your company and your customers at risk of a cyberattack can have huge consequences.

Brexit Update: What The Trade Deal Means for UK Businesses

As you may be aware, prior to the end of 2020 there was a lot of debate about what would happen to GDPR on 1st January. Given that the trade negotiations went down to the wire, we were all left in the dark until the deal was done on Christmas Eve. But what are the main headlines from this deal and, more importantly, what do they mean for UK businesses?

Understanding Cloud as an Attack Vector

In December, Netskope Threat Labs presented our work, “Cloud as an Attack Vector,” at the 23rd International AVAR Cybersecurity Conference. The Association of Antivirus Asia Researchers (AVAR) is a non-profit organization with members from 17 countries and facilitates knowledge sharing, professional development, networking, and partnering for cybersecurity experts and organizations. Ours was one of 27 presentations from 14 different countries featured at the conference.

AppSec Bites Part 3: Has the New Virtual Reality Created Opportunities for AppSec?

Over the past several months, many organizations have had to shift their operations to a fully digital platform. This sudden shift was more challenging for some industries, like government, than other industries, like technology. And aside from having to adapt to fully remote operations, many organizations were also subject to tighter budgets, forcing them to become more efficient.

The 2021 Security Playbook for Remote-first Organizations

The sudden shift to remote work in 2020 exposed companies to a variety of new security challenges. Start off 2021 right by reviewing the seven most crucial areas of security for emerging remote-first organizations. Continue reading below or feel free to download a copy of this playbook. We’ll also include our free Post-COVID Security Checklist as a reference you can keep in your back pocket.

A Path to Proactive Security Through Automation

The sheer number of cyberattacks launched against organizations every year is massive and growing. If you’re a security analyst working in a SOC or security team, tasked with defending your organization, that means you’re getting bombarded by many more attacks than the recorded numbers above would suggest. These attacks translate into security alerts — fired from your various security tools — that you must investigate and resolve.

SrClient DLL Hijacking: a Windows Server 2012 0-day that won't be patched

I recently discovered that all versions of Windows Server 2012 (but not Server 2012 R2) are affected by a DLL hijacking vulnerability that can be exploited for privilege escalation. Moreover, the flaw can be triggered by a regular user and does not require a system reboot. Sounds like a pretty big deal, right? Well, not according to Microsoft, unfortunately.