Maven is the most commonly used build system in the Java ecosystem, and it has been for many years. Building your application with Maven is easy since it takes care of many things for you. In different phases of the Maven lifecycle, it handles things like: With Maven, the development lifecycle happens the same way on every machine for every developer on the team, as well as within the CI pipeline.
Recently, Amazon AWS introduced the new feature EC2 Serial Console for instances using Nitro System. It provides a simple and secure way to perform troubleshooting by establishing a connection to the serial port of an instance. Even though this feature is useful in case of break glass situations, from a security perspective, it could be used by adversaries to gain access through an unguarded secondary entrance.
On 15th April we were delighted to attend the Digital City Awards online ceremony where we scooped two wins, the Cyber Security Project of the Year and the major award category, The Digital City Innovation of the Year Award. This award recognises the novel product or service which has revolutionised the way things are done and made a real difference in its intended field.
Gartner recently published the 2021 Strategic Roadmap for SASE Convergence, outlining key challenges that are driving shifts to Secure Access Services Edge (SASE) architecture. Not surprisingly, chief among these challenges are consistency, simplicity, transparency, and efficacy—all of which a properly implemented SASE architecture is positioned to solve. But knowing what the challenges are, how do we then get to SASE? Has your journey already started? What are the right moves?
BazarLoader is a malicious dropper used in multiple campaigns, including the massive wave of attacks targeting US Hospitals with the Ryuk ransomware during October 2020. The primary purpose of BazarLoader is to download and execute additional malware payloads, and one of the key characteristics is its delivery mechanism, which exploits legitimate cloud services like Google Docs to host the malicious payload.
The mastermind that orchestrated the SolarWinds attack may finally have a name. On Thursday, April 15th, the White House officially announced that the Russian Foreign Intelligence Service (SVR) - also known as APT 29, Cozy Bear, and The Dukes - was responsible for the campaign that exploited the SolarWinds Orion platform. But the attacks are not over yet. A joint advisory from the U.S.
Whilst employment has taken a downward curve over the last year or so, there are a variety of approaches I use when applying for a role to help my CV stand out. One key point is knowing what the job entails before submitting my cover letter and CV. This allows me to tailor my message effectively. Additionally, it enables me to find positions that I might not have originally considered. One position I think more people should be aware of is a CISO.
Several digital attacks against pharmaceutical companies have made news in the past few years. Back in 2017, for instance, Merck fell victim to NotPetya. The wiper malware spread to the pharmaceutical giant’s headquarters, rendered years of research inaccessible, affected various production facilities and caused $1.3 billion in damages, according to Bloomberg News.
In our previous blog post on Windows access tokens for security practitioners, we covered: Having covered some of the key concepts in Windows security, we will now build on this knowledge and start to look at how attackers can abuse legitimate Windows functionality to move laterally and compromise Active Directory domains. This blog has deliberately attempted to abstract away the workings of specific Windows network authentication protocols (e.g., NTLM and Kerberos) where possible.
