After a year full of unknowns and new normals, knowledge is power. The spike in cyber breaches in the past year, compounded by COVID-related attacks, has only increased the importance of cyber threat intelligence (CTI). The 2021 SANS Cyber Threat Intelligence survey, sponsored by ThreatQuotient, explores the state of play in the global use of CTI and outlines why the difficulties of the past year have contributed to the continued growth and maturity of CTI.

Netskope is proud to have contributed once again to Verizon’s annual Mobile Security Index —one of the most influential reports in the industry for evaluating mobile security trends. This report is based on a survey of hundreds of professionals responsible for buying, managing, and securing mobile and IoT devices.

Intel 471 researchers have identified a new malicious document builder, dubbed “EtterSilent,” leveraged by various threat actor groups. One of the build options is a weaponized Microsoft Office document (maldoc) that uses malicious macros to download and execute an externally hosted payload. The maldocs pose as templates for DocuSign, a cloud-based electronic signature service.

Where were you when you first heard about the SolarWinds breach? It’s not unusual for information security professionals to learn about a breach. Keeping track of the news is part of the job. The SolarWinds attack, however, was different for two primary reasons. First, it reached the level of mainstream news. The majority of breaches stay mostly in the industry press.

Organizations are recognizing that data security compliance is a foundational element of any successful business. The demand for compliance officers, IT security professionals and data protection officers is growing; spending on compliance programs is increasing; and businesses are treating compliance as a key part of their overall strategy. Some compliance teams are still struggling to secure the resources and personnel needed to build a robust and proactive compliance program.

Financial services are big targets for cybercrime. As the world shifts from physical to online, credit unions are doubling down on web applications to improve access and ensure vital financial services for their members. But with that comes greater security risks. In this benchmark study, we analyze the Top US Credit Unions with our attack surface analysis tool to highlight security weaknesses they should watch out for.

By the end of 2020, Microsoft 365 was used by more than one million companies worldwide. And for good reason. With the move to remote work, applications like Word and Excel, Teams, OneDrive and SharePoint, provided businesses with a familiar, easy to access, and easy to use productivity suite – all available in the cloud.

Traditionally, when selecting a bot management solution, businesses have chosen a multi-purpose security bundle bolted on to a content delivery network (CDN), typically a product such as an Akamai or CloudFlare CDN. While bolt-on bot solutions have their benefits, they lack the comprehensive feature set needed to combat the ever-growing bot threat.

With software supply chain attacks on the rise, are you wondering how you can recover quickly from the recent SolarWinds breach at your company? Months after its discovery, the devastating SolarWinds hack remains a top concern for business, government and IT leaders. This destructive supply chain attack put the spotlight on software development security — a critical issue for the DevOps community.

Companies of all sizes need clear and cohesive security visibility over every aspect of their organization. As data and assets are trending to mobile, it’s critical to be equipped with the right tools to gain insights on mobile devices and users on the endpoints and mitigate threats whenever needed.