Having the most advanced, artificially intelligent-featured security software certainly makes a company “sound” secure, and in fact, those defenses do help stop most advanced attacks. But not all attacks involve complicated ransomware, spearfishing, or DDoS attacks. What organizations have to remember is their computer network is only one threat vector they have to worry about. And it’s not even the most obvious.

Security is a data problem. One of the most touted benefits of artificial intelligence (AI) and machine learning (ML) is the speed at which they can analyze potentially millions of events and derive patterns out of terabytes of files. Computational technology has progressed to the point where computers can process data millions of times faster than a human could.

CrowdStrike Falcon Insight XDR™ and CrowdStrike Falcon LogScale™ were hot topics at Fal.Con 2022. We weren’t surprised — both are transformational technologies. They’re also complementary, which spurred some questions about how they work together to solve the toughest IT and security challenges. Here, we dig into the details and clear up some common questions about what these tools do, when they should be used and the value they provide.

Effectively evaluating risk goes a long way toward improving an organization’s cybersecurity posture. The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA’s partnership with SecurityScorecard will enhance their members’ ability to evaluate their own risk and that of their entire business ecosystem.

On October 5, a cyber incident disrupted the availability of three state government websites. The Russian-speaking KillNet group claimed responsibility. As discussed in previous SecurityScorecard research, KillNet began as a financially-motivated operation offering a botnet for hire. It has since remodeled to a hacktivist collective, conducting a series of relatively low-sophistication DDoS attacks against targets linked to entities perceived to oppose the Russian invasion of Ukraine.

Your password manager protects your digital life. Passwords. Credit cards. Your most important documents. By its nature, the password manager is personal.

Learning how attackers target weak domain account passwords is not enough for Active Directory security. Let’s look beyond domain accounts and understand the ways adversaries attack local accounts on Windows servers and desktops. For this post, we will focus on the most important local account: Administrator.

In the early days of internet security, an access-centric security model made sense. Access lists on routers were complemented by firewalls and, later, intrusion detection systems. Given the processing capacity available at the time, this was absolutely adequate and appropriate for protecting a website, even with e-commerce. But that was the 1990s, and the internet has become so much more than websites with some shopping capabilities. Now, it’s the backbone of our society.

On Tuesday, October 25th 2022, VMware disclosed a critical remote code execution vulnerability (CVE-2021-39144, CVSS 9.8) in VMware Cloud Foundation NSX-V versions 3.x and older. A threat actor could perform remote code execution in the context of ‘root’ on the appliance due to an unauthenticated endpoint that leverages XStream for input serialization.

As enterprises move their applications to the cloud, they’re adopting finer-grained authorization for their users in order to better secure architectures and applications. Today, many, if not most, organizations use a role-based access control (RBAC) model for secure access. But as the push for fine-grained control grows, many organizations are asking: should we transition to attribute-based access control (ABAC)?