You may not be familiar with NTFS file streams, but you use them every day when you access files on any modern Windows system. This blog post explains this feature of NTFS ADS, shows how hackers can exploit file stream functionality in cyberattacks, and offers strategies for defending your organization.
Covenant is one of the latest and greatest command and control (C2) post-exploitation frameworks. This post will walk you through the process of configuring Covenant and using it to execute payloads on compromised hosts. Note: This post demonstrates the capabilities of Covenant as of mid-September 2019.
Sudden, unexpected, and potentially very damaging. Zero-day attacks are the perfect storm for malicious actors and one of the worst-case scenarios for developers, security professionals, and DevOps teams. Yet it’s not all bad news for those charged with protecting your code, software, and applications, as long as you expect the unexpected and prepare for it. Building a fast, effective mitigation response for zero-day attacks starts with these three tactics.
Editor’s note: This is Part 3 of a five-part cloud security series that covers protecting an organization’s network perimeter, endpoints, application code, sensitive data, and service and user accounts from threats. In Parts 1 and 2 of this series, we discussed the importance of protecting the boundaries of networks in cloud environments and best practices for applying efficient security controls to endpoints.
When it comes to cyber security, there are a few benefits of doing regular cyber risk assessments. Read on for more information.
If you want to keep your business network online, investing in 24/7 security monitoring is a great option. Here's what you need to know.
The National Cyber Security Centre (NCSC) recently published important cybersecurity guidance to help protect retailers, which comes right as the holiday shopping season is in full swing. Retail organizations are no strangers to cyber attacks. In fact, some recent large-scale retail industry cyber attacks have included popular brands such as Guess, Under Armour, CVS Health, Home Depot, and Target.
When protecting your SDLC, you must choose. But choose wisely. For as the True Grail will bring you life. The False Grail will take it from you.
Phishing is a type of attack that attempts to steal your personal information, such as your login credentials or credit card details. Cybercriminals use phishing attacks to gain access to your account and steal your data. In this blog post, we will discuss how to identify and avoid phishing attacks. We will also provide tips on how to protect yourself from these types of attacks.
