Attaining a strong cyber security posture is a multi-layered process and includes various essential components. Among those, insider threat detection holds unignorable importance. Therefore, it is crucial to obtain a deeper understanding of what insider threat detection is. Basically, an insider threat is a security risk that’s originated within the boundaries of the organization itself. Unlike outside attacks, insider threats are mainly caused by employees.

Protecting yourself when paying online is very important. It’s a scary thought, but fraudsters have lots of ways to sneak in and steal credentials, bypass security and make victims of online shoppers. As we have discussed previously on this blog, criminals don’t just rely on traditional “hacks” to exploit technology. Increasingly, bad actors are using sophisticated bots to exploit business logic in order to breach security and carry out attacks.

The scale of the challenge facing the healthcare sector, even before COVID-19, was significant. In 2020, it became even more pressing with constant reports of critical infrastructure being targeted by cybercriminals. To understand the unique challenges within the NHS, we submitted a Freedom of Information (FOI) request to every trust in the UK.* The results, when compared with those in relation to a previous request in 2018, suggest improvements in cyber security across the NHS. Key Findings.

The pandemic has put a lot of things on hold over the last year, but medical device security shouldn’t be one of them. The millions of medical devices that help keep people healthy—and in many cases keep them alive—have drawn mixed reviews from security experts since the internet happened. Even more so in the past year since the pandemic happened. There is just about unanimous agreement that the benefits of those devices outweigh the risks.

Hey there, We recently ran a series of webinars* on how different-sized cybersecurity teams modernized their security operations and embedded polling questions within the webinars to gather some feedback. A set of possible answers was selected based on the ENISA NIS Investments report. In this blog post I’d like to share the results of the polls and the conclusions we can draw from them.

In January and February of 2021, the threat actor called Hafnium used a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched).

Software supply chains are mission-critical for digital businesses, and as global conditions accelerate the growth in contactless interactions and transactions, many organizations are reviewing how to solve the challenge of scaling the volume and velocity of their software development and release processes to meet the digital demand. The latest JFrog Platform release delivers a rich payload of new capabilities to scale and secure the software supply chain for digital businesses.

There are few books in history that are still considered to be as valuable today as when they were written and “The Art of War” is one of them. Written in 5th Century BC, it is still considered today to be essential reading in many fields, including business. It has been quoted in a ton of movies, books and media more times than you can probably count.

At the time it was first introduced, a penetration test accurately represented how an attacker was likely to target a network. Today, that is no longer the case. As digital networks and business processes have evolved, so too have their security needs.