Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

VLAN Hopping and Mitigation

A VLAN is used to share the physical network while creating virtual segmentations to divide specific groups. For example, a host on VLAN 1 is separated from any host on VLAN 2. Any packets sent between VLANs must go through a router or other layer 3 devices. Security is one of the many reasons network administrators configure VLANs. However, with an exploit known as 'VLAN Hopping', an attacker is able to bypass these security implementations.

Compliance is not security

The recent hack on British Airways is alarming to say the least, and it’s not just because roughly 380,000 payment cards were compromised. British Airways is a huge company earning millions each year. These sorts of companies are heavily regulated and are required to be Level 1 PCI complaint (the highest level of compliance).

Weekly Cyber Security News 07/09/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A pretty energetic week for a change. Varied and unexpected breaches as is the norm, though a few new items of note. The first is a little worrying, and really hopefully (at least for the public) won’t set a precedent: Penalising those that can’t make use of good password best practice.

Information Leakage of Threat Intelligence, Incident & Status Data

Information leakage of threat intelligence, incident data, and status data can have several legal consequences for organizations. Information leakage can occur due to the misconduct of disgruntled employees or results in by virtue of a nefarious cyber-attack. The underlying sections will take a deep dive into two different scenarios—namely, The Trauma of IP Address Leakage and The Menace of Product Vulnerability Leakage.

Introduction to Threat Intelligence and Types

The phrase Threat Intelligence has slowly gained significance in the information security community and their discussions. With the decision makers considering it as a high priority requirement, vendors have launched an array of products which are indeed confusing for an executive with the managerial background. This is an introductory post in our series of detailed discussion on threat intelligence.

Threat Detection with AlienVault® USM: 2-Minute Overview

AlienVault USM simplifies threat detection and analysis. Our unified platform includes pre-integrated tools combined with up-to-the-minute threat intelligence and delivers an easy, effective way to accelerate your threat detection and response. Additionally, our Kill Chain Taxonomy allows you to focus your attention on the most important threats, with attacks classified into five categories and contextual information to help you understand attack intent and threat severity quickly.

Preventing 'Unlimited' ATM Cash-out Attacks

On August 10th, the Federal Bureau of Investigation (FBI) issued a global fraud warning that an ‘unlimited’ ATM cash-out scheme was about to occur. While this did not stop criminals from making off with over $13.5 million USD from one bank in India, it did highlight the importance of early warning fraud systems and layered defense mechanisms.