Some examples of social engineering attacks include phishing, pretexting, scareware, baiting, vishing, smishing and CEO fraud. If you are unsure what qualifies as social engineering, imagine how many ways someone can manipulate you to reveal private information. Threat actors use these psychological techniques, both in person and online, to gain access to your personal or organizational information. These bad actors can install malware on your device, steal your information and even take your identity.

We’ve seen the movies where the character needs to get out of a jam or needs to get somewhere in a hurry, so they mash the big button of Nitrous Oxide and boom they are off! Fast and the Furious and Boss Level are the two movies that come to mind. So, how does this relate to a SIEM or SIEM rules? Sit down, buckle up, and let’s go for a ride.

A significant ransomware attack on Infosys McCamish Systems, an outsourcing service provider for financial and insurance companies, has impacted over six million customers. The breach, which took place in late 2023, was only recently disclosed in a filing with the Maine Office of the Attorney General (OAG). This incident underscores the importance of robust cybersecurity measures such as stolen credentials detection, darknet monitoring services, and digital footprint analysis.

Transaction monitoring in the realm of Anti-Money Laundering (AML) is a critical process that financial institutions employ to detect and prevent illicit activities such as money laundering, terrorist financing, and fraud. As regulatory scrutiny intensifies globally, the importance of robust transaction monitoring systems cannot be overstated.

Vulnerability management is the continuous process of identifying and addressing vulnerabilities in an organization’s IT infrastructure, while patch management is the process of accessing, testing, and installing patches that fix bugs or address known security vulnerabilities in software applications. Vulnerability management and patch management are crucial SecOps processes that protect IT assets against cyber threats and prevent unauthorized access to secure systems.

A high-severity remote code execution (RCE) vulnerability has been found in OpenSSH’s server (CVE-2024-6387) by the research team of Qualys. This issue is especially concerning because it brings back a problem that was originally fixed in 2006, showing that one of the most popular secure software still has hidden bugs. This discovery follows another major vulnerability found in the XZ Utils library just a few months ago, highlighting ongoing security challenges.

Cybersecurity frameworks are blueprints for security programs. Typically developed by governmental organizations, industry groups, or international bodies, they take the guesswork out of developing defense strategies, providing organizations with standards, guidelines, and best practices to help them manage and reduce their cybersecurity risks.

Ransomware attacks are a huge problem: in the past five years alone, they have brought about a state of emergency across vast swathes of the United States, threatened to topple the Costa Rican government, and brought Portugal's largest media conglomerate to its knees. And ransomware attackers show no signs of slowing down: last year, roughly one-third of all data breaches involved ransomware or some other extortion technique.

In this blog, we’re going to examine the Veracode CLI tool. Available for Windows, MacOS, and Linux, the imaginatively named binary veracode can perform a variety of functions across the SDLC. Installing the tool is easy, just follow the steps in the documentation.