Security

Ensure 'Store passwords using reversible encryption' is set to 'Disabled'

Dec 15, 2021 By Keren Pollack In CalCom

Password storage and encryption are an essential part of your password policy. Reversible encryption is known for being vulnerable to attacks. Therefore, it is crucial to map its usage and try to avoid it as much as possible.

Read Post

CalCom

Read more about Ensure 'Store passwords using reversible encryption' is set to 'Disabled'

Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Millennium Homes

Dec 15, 2021 By WatchGuard In WatchGuard

This year’s housing market has real estate agents at Millennium Reality traveling from location to location. Using WatchGuard’s AuthPoint provides secure means to verifying their identities no matter where they are.

View Video

WatchGuard

Read more about Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Millennium Homes

The SANS Holiday Hack Challenge 2021 - An Interview with Ed Skoudis

Dec 15, 2021 By Splunk In Splunk

For the past three years, Splunk has contributed an objective to the SANS Holiday Hack Challenge. In this interview, Splunk’s Dave Herrald sits down (virtually) with Ed Skoudis of SANS to discuss the Holiday Hack Challenge, Splunk’s involvement, and stories of CTFs gone by.

View Video

Splunk

Read more about The SANS Holiday Hack Challenge 2021 - An Interview with Ed Skoudis

Practice vs Maturity in CMMC 2.0 Framework

Dec 15, 2021 By Ignyte In Ignyte

When CMMC was first introduced by the DoD, its purpose was to “normalize and standardized cybersecurity preparedness across the federal government’s Defense Industrial Base or DIB.” Essentially, they recognized a weakness in cybersecurity hygiene practices in their supply chain, and so CMMC became the standard the DIB would be “graded” by to ensure the protection of sensitive or Controlled Unclassified Information (CUI).

View Video

Ignyte

Read more about Practice vs Maturity in CMMC 2.0 Framework

58% of Orgs Are Using a Vulnerable Version of Log4j

Dec 15, 2021 By Hope Goslin In Veracode

On December 9, 2021, a zero-day vulnerability in Log4j 2.x was discovered. This vulnerability is of great concern because if it’s successfully exploited, attackers are able to perform a RCE (Remote Code Execution) attack and compromise the affected server. Since we are a cloud-based Software Composition Analysis (SCA) provider, we have useful customer data that gives insight into the scope of the Log4j vulnerability.

Read Post

Veracode

Read more about 58% of Orgs Are Using a Vulnerable Version of Log4j

Flow Use Case: Limit Intruder Dwell Time

Dec 15, 2021 By Devo In Devo

In this use case, a hypothetical attacker used an exploit against our machine in the local network, which triggered an alert from an external security service. Our external service does not provide additional details about the threat. We will use this Flow to combine the external service data and the data extracted by Devo to check if there's any data flow from the victim to the attacker.

View Video

Devo

Read more about Flow Use Case: Limit Intruder Dwell Time

Building a Foundation for Zero Trust

Dec 15, 2021 By Tripwire In Tripwire

Join Tim Erlin, VP Product Marketing and Strategy, Tripwire, as he shares results from our recent research around Zero Trust and discusses the role of integrity when it comes to Zero Trust Architecture.

View Video

Tripwire

Read more about Building a Foundation for Zero Trust

Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

Dec 15, 2021 By Jess Glackin In Tripwire

On December 9th 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell.” This vulnerability has been classified as “Critical” with a CVSS score of 10, allowing for Remote Code Execution with system-level privileges. If you are currently working to identify instances of this vulnerability, Tripwire can help.

Read Post

Tripwire

Read more about Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Dec 15, 2021 By Tripwire Guest Authors In Tripwire

In September 2021, Tripwire released its annual report to examine the actions taken by the U.S. federal government to improve cybersecurity. The report also looks at non-government organizations so that we may catch a glimpse of the differing views and approaches of each, which makes for interesting (and revealing) insights.

Read Post

Tripwire

Read more about Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Close Out Construction Projects Without the Administrative Hassle

Dec 15, 2021 By Chris Schmitt In Egnyte

Properly closing out construction projects can be a major administrative hassle that takes time away from more productive tasks. Not only do you have to identify and retain your contracts, warranties, and proof of completions, but you also must remove team members who no longer require access to systems and folders. It’s typically a very manual process—but it doesn’t have to be.

Read Post

Egnyte

Read more about Close Out Construction Projects Without the Administrative Hassle

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Ensure 'Store passwords using reversible encryption' is set to 'Disabled'

Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Millennium Homes

The SANS Holiday Hack Challenge 2021 - An Interview with Ed Skoudis

Practice vs Maturity in CMMC 2.0 Framework

58% of Orgs Are Using a Vulnerable Version of Log4j

Flow Use Case: Limit Intruder Dwell Time

Building a Foundation for Zero Trust

Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Close Out Construction Projects Without the Administrative Hassle

Monthly Archive

Follow Us