Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Weekly Cyber Security News 28/02/2020

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Such a wonderful selection to pick from this week, but of course, my favourite are IoT fails. While most are quite ridiculous and generally limit the risk, a new product on the market has elevated the risk of serious damage by introducing the remote control of real fire!

Beware secret lovers spreading Nemty ransomware

Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware. If you’ve been kicking around in the world of IT security for more years than you’d like to admit, then you’ll surely remember the ILOVEYOU virus (also known as the “Love Bug” or “Loveletter”).

What is a Data Breach and How It Can Be Cured? (Part 2)

There are several types of data or information that can be leaked during a data breach. This include: Though hackers are fast and sophisticated in their operations, nevertheless, some best practices and efficient security tools can help organizations and individuals contain this problem. Here is some help.

How to Stop Phishing Attacks: Lessons Learned From the JPMorgan Chase SOC Team

Phishing attacks aren’t going away anytime soon. The numbers from Verizon’s 2019 DBIR Report and SANS Institute prove only one thing: When you’ve done all you can to protect against phishing attacks, that means it’s time to do more.

Featured Post

The Relationship Between Risk Management and Process Improvement

In today's highly competitive world, businesses need to adjust to changes quickly. Any change in organizational structure, customer preference, competitor strategy, regulatory requirements all pose uncertainties to a company. If you want to remain ahead of the curve, you need to adopt a risk management plan and focus on the continuous improvement of your processes.

Online payment security: 8 Steps to ensure safe transactions

Online shopping has become an increasingly popular trend in the past few years as people find it more convenient to buy from the comfort of their homes. You can get pretty much anything and everything from online stores: groceries, clothing, jewelry, electronics and other household items. Yet, we need to consider for a moment if all these online financial transactions taking place are safe – and how can we ensure our protection from online frauds such as identity theft and phishing attacks.

IT security: Keep calm and monitor PowerShell

In our last release of the PowerShell security series, we talked about how PowerShell could be leveraged by malicious actors to gain unprecedented access to your organization’s critical assets. From enumerating sensitive domain information and carrying out credential-based attacks to running malicious executables in memory (file-less malware), we shined a light on the potential of PowerShell and why it’s an ideal weapon for cyber attackers today.

Securing IaaS, PaaS, and SaaS in 2020 with a Cloud SIEM

As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.

Using BPF to Transform SSH Sessions into Structured Events

Teleport 4.2 introduced a new feature called Enhanced Session Recording that takes an unstructured SSH session and outputs a stream of structured events. It’s the next step in Teleport’s evolution that uses new technology (eBPF or now simply known as BPF) to close some gaps in Teleport’s audit abilities. Below you can see an illustration of this feature and if you keep reading, we’ll get into some of the technical details.