Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

cyberint

The InfoStealer Lifecycle: A Look At The Attack Process From End-to-End

Mar 23, 2023 By Cyberint In Cyberint
Malware is not a new attack vector but, over the past few years, the Cyberint research team was observed a resurgence of this threat. In particular, a specific type of malware known as InfoStealers has become a serious risk. This blog post will drill down on InfoStealers and discuss the lifecycle of an InfoStealer attack, from beginning to end.
Read Post
keeper

Indent and Keeper: Time Limited and Permanent Password Access Available On-Demand

Mar 23, 2023 By Josh Klapow In Keeper

Last year, Keeper Security unveiled One-Time Share, a secure and convenient way for Keeper users to share credentials with anyone, including those that are not Keeper users. Since its launch, many of our customers have grown to rely on One-Time Share, including in cases where they need the ability to set time duration. As a result, we’ve made expanding the options for setting and modifying time-limited access a top priority.

Read Post

Dev First Prevention Strategies Using the CI/CD

Mar 23, 2023 By Snyk In Snyk
Watch this office hours where we cover best practices for introducing a blocking/prevention strategy using the CI/CD Integration. Security and engineering teams often fail to find a balance between meeting the necessary security objectives for their organization and ensuring maximum velocity. While security teams view the process of blocking new critical severity vulnerabilities as a basic security best practice, engineering teams often push back out of fear that it will create too much friction for their developers.
View Video
splunk

The SQL Injection Guide: Attacks, Types, Signs & Defense Against SQLi

Mar 23, 2023 By Muhammad Raza In Splunk
Most dynamic web applications and sites — ones that store and process user information — use some sort of database implementation. One of the most common implementations involves SQL. Structured Query Language is a standard language for relational database management systems (RDBMS). It lets you query database records, change and modify them, set permissions, create custom views and storage procedures.
Read Post
splunk

Zero Day Defined: Zero-Day Vulnerabilities, Exploits & Attacks

Mar 23, 2023 By Muhammad Raza In Splunk
Zero-Day” is an intriguing concept in the domain of cybersecurity. Imagine diligently following security best practices such as patching exploits and updating the systems regularly. Plus, you’re following strict risk management and governance frameworks within the organization to vet new software applications for security risk before adding them to your library. But what happens when the security flaws are novel — and a patch does not exist?
Read Post
splunk

Machine Learning in Security: Detecting Suspicious Processes Using Recurrent Neural Networks

Mar 23, 2023 By Kumar Sharad In Splunk
Malicious software like ransomware often use tactics, techniques, and procedures such as copying malicious files to the local machine to propagate themselves across the network. A few years ago, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services issued a joint cybersecurity advisory to ward off potential harm from threat actors for at-risk entities.
Read Post
splunk

Breaking the Chain: Defending Against Certificate Services Abuse

Mar 23, 2023 By Splunk Threat Research Team In Splunk
In recent years, there have been several high-profile cyber attacks that have involved the abuse of digital certificates. Digital certificates are electronic credentials that verify the identity of an entity, such as a person, organization, or device, and establish trust between parties in online transactions. They are commonly used to encrypt and sign data, authenticate users and devices, and secure network communications.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.