Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

How Cybercriminals Are Getting Initial Access into Your System

This article covers the main techniques cybercriminals use at the initial stage of attacks against enterprise networks. There are several dangerous phases of cyberattacks targeting the corporate segment. The first one encountered by businesses boils down to getting initial access into their systems. The malefactor’s goal at this point is to deposit some malicious code onto the system and make sure it can be executed further on.

2018 Sees Record Number of Online Retail Data Breaches

During the holiday season people logged on to make purchases through online retailers, like no other time of the year. While there was significant growth in many segments of society on a global scale in 2018, we also saw a significant increase in online retail breaches where personally identifiable information was compromised at an alarming rate.

Risk Management Planning: What Is It?

We all live in a world full of "what ifs." In data protection, the "what ifs" of data security control effectiveness can drastically change in a spur of the moment. If a malicious actor finds a zero-day exploit or even a previously unknown vulnerability, he/she can cause a domino effect data breach that cuts across your entire IT supply chain.

60% of Organizations Suffered a Container Security Incident in 2018, Finds Study

Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on every continent except Antarctica. Those organizations varied in their industry, size and level of DevOps maturity, but they were all interested in learning how they could advance their DevOps evolution going forward.

Who to Consider an Insider Threat in Your Organization

Typically, people think of security threats as outside attacks on an organization. Data security plans tend to focus on securing the perimeter, endpoints, email and data. Though these are certainly critical measures, all organizations should realize the real threat that insiders, or internal employees, pose to operations.

Meet the Hacker: europa: "I always trust my gut when I get the feeling that something is there"

Meet the hacker europa, a white hat hacker on the Detectify Crowdsource platform. He is based in Italy with a great passion for infosec and relatively new to the bug bounty scene, but seasoned in infosec. We asked him about the kind of bugs he likes to find, why he joined Crowdsource and how persistence helped him turn a duplicate finding into a bug with 8 different bypasses.