Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How MongoDB built a successful security champions program

We recently spoke with Amy Berman, Security Strategic Operations Lead at MongoDB about the role of security champions at her organization. For those new to the concept, security champions are developers that have an interest in security and can facilitate collaboration between development and security teams.

Malware analysis: Hands-On Shellbot malware

Malware analysis is a fundamental factor in the improvement of the incident detection and resolution systems of any company. The Sysdig Security Research team is going to cover how this Shellbot malware works and how to detect it. Shellbot malware is still widespread. We recorded numerous incidents despite this being a relatively old and known attack that is also available on open Github repositories.

Five Pillars of a Powerful Security Awareness Program

It seems that we might be getting to the tipping point in the corporate world where most organizations and businesses recognize they’re exposed to an increasing amount of cybersecurity risk. And with bad guys devoting a large portion of their strategy to targeting employees, the need for effectively training employees is intensifying. But before you begin to evaluate or build a program you need to first define and cement what it is you are looking to accomplish with your program.

Benefits and Risks of Social Media

Social media can be a great way to stay connected with friends and family, but it also poses risks. In this blog post, we will explore the dangers of social media for kids, teens, individuals and businesses as well as the benefits. We will talk about the social media risks and how to protect yourself from them. There are many ways that you can reduce your risk when using social media sites like Twitter or Facebook.

Citizen Developers Security Awareness

Citizen developers are now producing the types of applications once reserved for professional programmers. By using the low-code/no-code capabilities found in low-code application development platforms (LCAP), business workflow automation or RPA, they can bypass drawn-out development processes and reap the benefits of speed and efficiency. Perhaps even more significant is the resulting efficacy—because who knows better than the citizen developer what the company needs to solve its pain points?

The Key to Solving Ransomware, Insiders, and Data Theft

The common theme across ransomware, insider threats, and data theft is the exfiltration of data. While threat research labs usually publish the process steps of ransomware encryption, keys, and disk clean-up, the parts about accessing the data and exfiltration are often left out. Also, one security solution does not solve the problem itself, making partner integrations vital to the success of security solution stacks.

Microsoft + Corelight partner to stop IoT attacks

When you hear the term “Internet of Things,” (IoT) do you picture home devices like lightbulbs, smart assistants, and wifi-connected refrigerators? Perhaps you think of enterprise devices like video conferencing systems, smart sensors, or security cameras? Or maybe traditional office equipment like VoIP phones, printers, and smart TVs come to mind. No matter what devices you imagine, IoT represents an ever-expanding attack surface.

Lookout Data Shows Already Strained Energy Industry Faced With 161% Surge in Mobile Phishing

A few months ago, the largest U.S. pipeline operator, Colonial Pipeline, was forced to halt operations for nearly a week due to a ransomware attack. While it ultimately didn’t stop consumers from buying gasoline, the incident forced the company to pay $4.4 million in ransom payment and illustrated just how vulnerable energy organizations are to cyberattacks.

8 Daily Practices to Avoid Cybersecurity Burnout

Burnout happens when job demands such as workload, time-pressure, and difficult clients are high as well as when job resources including quality leadership, autonomy and decision authority, recognition, and strong relationships are lacking. The field of cybersecurity is particularly difficult, but that doesn’t mean burnout is inevitable, and it doesn’t mean you can’t recover after experiencing burnout.

What Types of Security Capabilities Do Managed Service Providers (MSP) Offer?

Last time, I discussed the four basic types of managed service providers (MSPs) with which organizations commonly partner. Those categories help to determine the types of services offered by MSPs. In general, MSPs provide five primary services to customers.