The term ‘passwordless’ is easy to wrap your head around (no passwords!) but is often used as an umbrella term that includes passkeys and magic links sent via email or text message.

A distribution group is a mail-enabled Active Directory group used to send a message to a group of recipients who are members of that group. Administrators can manage some of the properties and permissions of distribution groups using the Exchange Administration Center (formerly Exchange Management Console). However, this article explains how to perform many common distribution group management tasks using the Exchange Management Shell cmdlets Set-DistributionGroup and Add-DistributionGroupMember.

Have you ever felt helpless against insider threats and anomalous user behaviors? It can be frustrating to think your traditional security methods aren't enough to keep up with the evolving threat landscape. But there is a solution! Let's discover how to stay one step ahead of attackers and ensure your organization remains secure with user and entity behavior analytics (UEBA)

The Center for Internet Security (CIS) team continuously release updates about cybersecurity best practices for new technologies. As of March 2023 all CIS Windows Server and Windows Workstation Benchmarks will be updated once a year to align with Microsoft’s update schedule. Major version updates that CIS will release (i.e., updating from v1.12.0 to v2.0.0) will account for significant changes in the operating system.

As the new underground forum, ExposedVC, is trying to establish credibility among threat actors and the cybersecurity community in general, its admins are working hard to give some valuable leaks to attract more people. A few hours ago, the admins leaked what they claim to be the entire RaidForums DB that was taken down in 2022 by the FBI, along with the arrest of its admin Omnipotent.

Managed vulnerability scanning is a cybersecurity service that uses software, vulnerability scanners, human-led and automated penetration testing, and other tools to help an organization identify, track, evaluate, and mitigate security risks both inside their network and connected external sources. Even organizations with the most sophisticated information technology security professionals are challenged when dealing with the hundreds of new threats released into the wild each month.

In 2016, Ivan Fontarensky, Technical Director CyberDetect & Respond at Thales, wanted to rollout a Cyber Threat Intelligence (CTI) service to continue to add value to the company’s cybersecurity products used by critical infrastructure organizations around the globe.

CVE-2023-2825 vulnerability is a recently discovered vulnerability in GitLab. It allows unauthorized access to GitLab repositories to read arbitrary files. This post will discuss further details of the vulnerability, its location, discovery, and how the Astra scanner scans for it.

Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the user that they need to renew their subscription. “This is a fairly standard McAfee subscription scam,” Fuchs says. “We see these all the time and they’ve been floating around the Internet for some time. But that’s not what makes this attack unique.