Ervin McBride IV – TDP Engineer II contributed to this article. Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.

June 1st 2020: Fireeye end of life The Email Laundry email security service. This comes as a surprise to many as Fireeye acquired The Email Laundry back in 2017 and seemingly had plans to greatly expand the service. The Email Laundry serviced MSPs and small organizations whereas Fireeye had a conserted desire and history servicing Enteprise businesses. This may be why Fireeye decided to exit the SME Email Security service market.

In this post, we continue our discussion of use cases involving account take over and credential access in enterprise data sets. In the first part of this series, we introduced the definition of a VIP account as any account that has privileged or root level access to systems/services. These VIP accounts are important to monitor for changes in behavior, particularly because they have critical access to key parts of the enterprise.

Organizations of all sizes are currently under siege by adversaries with unlimited time and enough technical skill to exploit the cracks in our information systems and networks. All organizations have something to protect, whether large or small, and they are always looking for new technology to help against these adversaries. Zero Trust has become the latest framework to solve all of our security woes.

You're probably familiar with the defense-in-depth or castle and moat approach to cybersecurity. It remains a common model that organizations use to think through their information security. However, as organizations have matured they have sought out new models to enable them to better understand how cyber attackers operate and how best to defend against them.

The crown Jewels, part of the Royal Collection, are the most powerful symbols of the British Monarchy. They are housed in the ‘Jewel House’, vault at the Tower of London. Ever since attempts have been made to steal the crown jewels their security has been tightened. Conventional methods to protect the crown jewels are not sophisticated enough to stop the highly motivated adversarial threats. Let’s take a closer look at how these jewels are protected.

Ensuring authentication is one of the pillars in cyber security. That is why authentication header is one of the crucial practices. In this article, we will explain what authentication header is and how it can be useful for your organization. Almost every cyber security and/or information security expert knows about the famous CIA triad: Confidentiality, Integrity and Availability. These three consist the pillars of data security.