Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How to Scan GitHub Repositories for Committed Secrets and other Code Snippets

In 2019, GitHub estimates that over 44 million repositories were created, and over 10 million new developers joined the platform. This comes as no surprise, as GitHub is the world’s largest host of source code. With that designation comes a substantial volume of committed code.

5 steps to improve cyber security as your employees return to the workplace

During the COVID-19 pandemic, more UK employees have worked from home than ever before. According to a YouGov survey, around one in five people went from never working from home to doing so constantly. Coronavirus and the resulting lockdown have significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside the workplace. This has been compounded by threat actors seeking to exploit the crisis.

What is Incident Response?

As new types of security incidents are discovered, it is absolutely critical for an organization to respond quickly and effectively when an attack occurs. When both personal and business data are at risk of being compromised, the ability to detect and respond to advanced threats before they impact your business is of the utmost importance.

What you need to know about securing your APAC business and the recent data law changes

Data breaches are growing in frequency and intensity amidst the recent Coronavirus pandemic, having increased by nearly 273% in the first quarter compared to the same time frame last year. In fact, 2020 may very well be remembered as the year when cybersecurity became a business problem rather than a technology issue. The driving factor here is the recent shift in workforce culture. More and more organizations are now setting up remote working teams.

Leaving Bastion Hosts Behind Part 3: Azure

This post is the third in a series about alternatives to bastion hosts in each of the major cloud providers. The first post covered an introduction to bastion hosts, the SSH multiplexing attack, some disadvantages to managing your own bastions, and an alternative solution in GCP. The second post covered the Session Manager service provided by AWS.

Meeting the Challenges of Remote Work with Chrome OS Policy Settings - Part II

Welcome to the second part of this two-part blog series for administrators who are new to the Chromebook enterprise system. In the previous blog, we discussed settings that are applicable to users and applications. In this blog, we will further explore the Chrome enterprise admin panel as we look into settings that pertain to privacy and physical devices. Device Settings Device settings apply to the physical Chromebook device. They are enforced no matter which user is logged in.

Cloud Challenges by the Numbers: Adoption and Configuration

The year 2020 has shown us that cloud computing is among the most powerful capabilities humanity has, enabling people around the globe continue their everyday business and education uninterrupted. We continue gathering the most interesting findings from industry research. If you’re interested in learning statistics on cloud usage, top cloud initiatives and cloud security concerns, read the 2020 State of the Cloud Security Statistics article.

How Does Ransomware Work? It Doesn't Have to If You're Prepared

Ransomware attacks have become the most common security threat faced by businesses today. A recent report from TrustWave indicates that the number of ransomware attacks quadrupled last year; this type of attack now accounts for more than 20% of all digital security incidents. It’s now more common than even credit card theft.

Nightfall helps modernize The Brain and Spine Clinic with DLP for Slack

Dr. Jacob Januszewski opened The Brain and Spine Clinic in January 2020 to serve his community in eastern Florida. Jacob combines his expertise in Minimally Invasive (MIS) Complex Spine Deformity surgery with patient care and compassion to help anyone who visits his clinic get the treatment they need and ensure a smooth recovery.

How Cyber Kill Chain Can Be Useful for a SOC Team? (Part 2)

Installation: At this stage, SOC analysts are advised to deploy a Security Information and Event Management (SIEM) and Host-Based Intrusion Detection System (HIDS) to detect attacks. To deny an attack, Cyber Kill Chain recommends using Two-Factor authentication, strong password, and privilege separation as well as disrupting attack using data execution prevention.