During my time as a penetration tester, I’ve seen many IT teams storing server catalogs with respective IP addresses and passwords in a sharable Excel sheet. This is more so true in windows server infrastructure as many organizations resort to password-based auth for local and remote access. Of course, security-conscious organizations would use a password vault. But in any case, password storage in any form is often an Achilles heel in infrastructure security.

Indicators of Attack (IOAs) demonstrate the intentions behind a cyberattack and the techniques used by the threat actor to accomplish their objectives. The specific cyber threats arming the attack, like malware, ransomware, or advanced threats, are of little concern when analyzing IOAs. Instead, only the sequence of events leading to the deployment of a cyber threat are considered in this cybersecurity strategy.

The Lightweight Directory Access Protocol (LDAP) is an open-source application protocol that allows applications to access and authenticate specific user information across directory services. LDAP is a lightweight version of Directory Access Protocol (DAP) LDAP works on both public networks and private intranets and across multiple directory services, making it the most convenient language for accessing, modifying, and authenticating information in any directory.

The United States Department of Defense (DoD) views securing the supply chain and the Defense Industrial Base (DIB) as one critical pillar in protecting national security. Dedicated security requirements exist for the protection of federal information systems as well as classified information based on the NIST 800-53 standard. However, several years ago, a gap was identified in the security requirements for the protection of non-federal systems and controlled unclassified information (CUI).

If you enter the term “Purdue Model” into your favorite search engine, the resulting images will vary considerably. There’s almost no better way to stir up an Operational Technology (OT) security conversation than to begin debating what belongs on Level 1 or Level 3 of the model. You might even find some diagrams place operator Human-Machine Interfaces at Level 3. Notably, the original 1990 publication defines “operator’s console” as a Level 1 entity.

2021 has been another challenging year for businesses, not least because of the ongoing wave of cyberattacks. Everyone is hoping for some good news in 2022, but realistically, cybercrime slowing down won’t be on the agenda. Cybersecurity and avoiding the threat of data breaches is going to be front of mind for many going into next year. We’ve spoken to two members of our leadership team who’ve shared their thoughts on four trends we’re likely to encounter in 2022.

20th August 2021, dawned a new era for China’s cybersecurity with the passing of China’s Personal Information Protection Law (PIPL) which is the first comprehensive legal attempt to define personal information and regulate its storing, transferring, and processing.

Everyday thousands, if not millions, of dollars are wasted on delays and reworks caused by project teams not having access to the latest files. And while there are myriad reasons for this waste, one of the biggest culprits is field teams' inability to easily access CAD files on-site. Computer-aided design, or CAD, has become the backbone of most construction projects because its precision improves design quality and facilitates better communication through documentation.

Welcome to Elastic’s Log4j2 vulnerability information hub. Here we will explain what the specific Log4j2 vulnerability is, why it matters, and what tools and resources Elastic is providing to help negate the opportunity for malware exploits, cyberattacks, and other cybersecurity risks stemming from Log4j2.

After the Covid-19 pandemic accelerated digital transformation and shifted businesses to online first, cyber-attackers exploited a broader, more sophisticated attack vectors. The rollout of 5G, reliance on supply chains, and increased use of application programming interfaces (APIs) means businesses have more cyber-related vulnerabilities.