We have seen a marked move to remote work in recent months. While the times have been troubling and stressful in many ways, there has been a flip side. Many of us have found newfound freedoms in how and where we work. With these freedoms come risks. While we can access our email, files and other communications remotely, many have not stopped to ask; are we too open? What level of remote access does each employee need and more crucially what do they not need?

Technology and cyber systems have become essential components of modern society. Despite the benefit of cyber technologies, insecurities arise. These could affect all systems and infrastructures. More than that, the threat of a cyberattack could very well have a transnational component and effect as worldwide systems become increasingly interconnected.

Drive-by download attack is one of the most popular methods employed by hackers nowadays. What is it? How can you protect your organization from it? Keep reading to learn! Malware attacks have been preserving their popularity amongst the hackers for a while. They are relatively easy to implement when targeting medium to small scale organizations, they can go unnoticed for a very long time and extract information from the target quietly.

Solving Puzzles has been a very popular pastime for InfoSec professionals for decades. I couldn’t imagine a DefCon without the badge challenge. At Black Hat 2020 Matt Wixey, Research Lead at PwC UK, didn’t disappoint as he presented on parallels between puzzle-solving and addressing InfoSec problems.

Last year, Capital One showed the world why data governance is so important when it was the victim of a massive data breach that exposed the personal data of 106 million customers. It is still one of the biggest hacks ever recorded, and the company has now been fined $80 million by banking regulators. A “what’s in your wallet” meme would work great here, but let’s keep this classy.

Remember that high school teacher who was never more than one chapter ahead of their students? Well that is me, in this blog. ¯\_(ツ)_/¯

One of the requests we often get is how to securely forward logs to the USM sensor. To forward logs securely, the one component that is required is an SSL certificate. By default, USM has a self-signed certificate that will allow sending secure logs over port 6514. Some platforms, such as Palo Alto Networks, require publicly signed certificates by default. In this blog, we will walk through the process of generating a publicly signed certificate for use with USM.

No one wants to be the next Equifax. Just thinking about their company’s name being in a headline along with the words “security breach” is enough to keep CISOs up at night. Much like Fight Club, however, the first rule of data breaches is: You do not talk about security breaches...unless you’re mandated by notification laws like GDPR. Even though organizations don’t reveal much publicly, their concern is reflected in the amount of money spent to prevent cyber attacks.

I witnessed the transition from bespoke authentication to standards-based authentication. It’s time to do the same for authorization. Twenty years ago, almost everything in the IT world was on-premises: hardware and software, including the tools you used to verify who your users were and what they could do in your systems.