Indicators of Compromise, or IOCs, refer to artifacts or clues that may be identified on a network or system indicating a potential security breach. They can be Ips, domain names and more.

Many of us spend a significant amount of time online working, socialising, consuming entertainment and purchasing in online stores, among other activities. This extensive online presence has made the internet a prime target for scammers who prey on unsuspecting individuals. Over time, these scams have become increasingly sophisticated, with fraudsters developing more convincing schemes that people are likely to fall for.

When enabled, the Windows security setting audit detailed file share keeps a detailed record of every time someone tries to access a shared file or folder on either the user’s computer or network. When a regular audit is configured, it logs only a singular event – which user or client is establishing a connection to which shared file or folder. A detailed audit records additional information about who is accessing the shared files and folders.

Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point. Security tools from major vendors use URL rewriting to prevent phishing attacks, but the same technique can be abused to trick these tools into thinking a malicious link is legitimate.

Effective asset management and rapid incident response are crucial for maintaining cybersecurity defenses. To address these needs, and building on its previous Vulnerability Response module integration, CyCognito has announced a new certified integration with ServiceNow’s Configuration Management Database (CMDB).

The demand for robust security, transparency, and accountability is at an all-time high, and many businesses are relying on managed service providers (MSPs) to manage their IT infrastructure, ensure data security, or provide seamless operational support. Concurrently, MSPs must continuously innovate and differentiate their offerings to meet the growing needs of businesses.

On August 20, 2024, GitHub released security fixes for a critical authentication bypass vulnerability in GitHub Enterprise Server, identified as CVE-2024-6800. GitHub Enterprise Server is a self-hosted version of GitHub, designed for organizations to manage and collaborate on code securely within their own infrastructure. This vulnerability affects instances using SAML single sign-on (SSO) with certain identity providers (IdPs) that publicly expose signed federation metadata XML.

As Europe is returning from summer breaks, it is time to reflect on the first half of 2024 and look forward to the rest of the year. Ransomware attacks on hospitals, blue screens across the world crippling airline operations and other industries, deepfakes to sway opinion and possibly elections, deepfake social engineering tactics to extort significant amounts of money - so far the year has kept cybersecurity professionals busy.

On April 9, 2024, Japan's Ministry of Economy, Trade and Industry (METI) announced its intention to implement a cybersecurity rating system for companies by fiscal year 2025.

Operationalizing any new security platform begins with the process of integrating the platform with an organization’s existing infrastructure and workflows. To get the most value out of the system we need to offer an easy path to adoption if we want to crossover from theoretical security concepts into practical, day-to-day operations that protect against cyber threats. Technology change is hard, but changing the way people work is even harder.