Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

upguard

What is Metasploit?

Dec 9, 2021 By Catherine Chipeta In UpGuard

The Metasploit Framework is a Ruby-based, open-source framework that is used by information security professionals and cybercriminals to find, exploit, and validate system vulnerabilities. The framework consists of various exploitation tools and penetration testing tools. Information security teams most commonly use Metasploit for penetration testing (or “ethical hacking”) to identify and remediate any existing vulnerabilities across an organization’s networks.

Read Post
Forward Networks

Of the nearly 165,000 known CVEs, which ones are putting your company at risk?

Dec 9, 2021 By Chiara Regale In Forward Networks

There are almost 165,000 known CVEs (Common Vulnerabilities and Exposures) listed in the NIST Database. In October of 2020, the NSA published a list of the 25 CVEs most likely to be exploited by Nation-State attackers in China; Checkpoint software found over 3 million attempts to penetrate networks or steal files using these known vulnerabilities.

Read Post

Exploiting NDR to Cultivate Decision Advantage

Dec 9, 2021 By Corelight In Corelight
As defenders, we deploy or develop a number of policies, procedures, tools and technologies to support our risk management strategy while struggling to maintain situational awareness. The regular outputs of detection and response activities rarely cross functional boundaries and result in missed opportunities to translate learnings into institutional memory. With an ever-evolving threat landscape including the transformation to a hybrid work model; the power of decision and ultimately Decision Advantage is the most valuable tool in cyber-defense. In this webcast, Bernard Brantley CISO Corelight will discuss the exploitation of data-centric NDR as the coalescence point for tactical and operational outputs and as a pathway to cultivating strategic decision advantage.
View Video

Zero Trust Architecture Solutions Forum - SANS + Corelight

Dec 9, 2021 By Corelight In Corelight
Security has always been one of the prime concerns for any growing business. In a world where technology is continually evolving, companies are constantly stumbling onto new vulnerabilities. One wrong move in the data management space and companies leave themselves vulnerable to shattering attacks. The increasingly multifaceted landscape means that more groups are turning towards a zero-trust security framework. This approach asks companies to take their security enforcement strategy to the next level and recognize that existing approaches don't offer enough defense.
View Video
CalCom

Netlogon Service Configuration in Active Directory and Member Servers

Dec 9, 2021 By Keren Pollack In CalCom
Netlogon Service is a Microsoft Windows Server process used to validate or authenticate users and devices in a domain. It is used to confirm the user’s identity on any particular network that the user is trying to access. Netlogon is a process, not an application, therefore it is continuously running in the background. It can be stopped either manually or by some runtime error.
Read Post

2022 Predictions #1 - State-Sponsored Mobile Threats Trickle Down to the Cybercrime Underworld

Dec 9, 2021 By WatchGuard In WatchGuard
Mobile malware certainly exists – especially on the Android platform – but hasn’t yet risen to the same scale of traditional desktop malware. In part, we believe this is due to mobile devices being designed with a secure mechanism (e.g., secure boot) from the start, making it much more difficult to create “zero-touch” threats that don’t require victim interaction. However, serious remote vulnerabilities have existed against these devices, though harder to find.
View Video

2022 Predictions #3 - Spear SMSishing Hammers Messenger Platforms

Dec 9, 2021 By WatchGuard In WatchGuard
Text-based phishing, known as SMSishing, has increased steadily over the years. Like email social engineering, it started with untargeted lure messages being spammed to large groups of users, but lately has evolved into more targeted texts that masquerade as messages from someone you know, including perhaps your boss.
View Video

2022 Predictions #4 - Password-Less Authentication Fails Long Term Without MFA

Dec 9, 2021 By WatchGuard In WatchGuard
It’s official. Windows has gone password-less! While we celebrate the move away from passwords alone for digital validation, we also believe the continued current focus of single-factor authentication for Windows logins simply repeats the mistakes from history. Windows 10 and 11 will now allow you to set up completely password-less authentication, using options like Hello (Microsoft’s biometrics), a Fido hardware token, or an email with a one-time password (OTP).
View Video

2022 Predictions #5 - Companies Increase Cyber Insurance Despite Soaring Costs

Dec 9, 2021 By WatchGuard In WatchGuard
Since the astronomical success of ransomware starting back in 2013, cybersecurity insurers have realized that payout costs to cover clients against these threats have increased dramatically. In fact, according to a report from S&P Global, cyber insurers’ loss ratio increased for the third consecutive year in 2020 by 25 points, or more than 72%. This resulted in premiums for stand-alone cyber insurance policies to increase 28.6% in 2020 to $1.62 billion USD. As a result, they have greatly increased the cybersecurity requirements for customers. Not only has the price of insurance increased, but insurers now actively scan and audit the security of clients before providing cybersecurity-related coverage.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.