Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AT&T Cybersecurity

Penetration testing is in the eye of the beholder

"Beauty is in the eye of the beholder." A famous phrase known to all indicates that our perceptions influence our definitions. The same can be said about penetration testing. Often when clients approach us for what they believe to be a penetration test, their definition and needs do not necessarily meet the accepted approach of those within the security field.

Risk counts for Cyber and here is why

Risk is one of those standard terms within cybersecurity that, when asked to define, many struggle to explain what risk is and how it applies to cybersecurity. To start, we need to understand risk as it applies to security. Risk, like mathematics, is an artificial construct that humans use to understand and describe their environment.

What is Data-as-a-Service (DaaS)? Understanding the benefits, and common use cases

If you were looking at all the opportunities data unlocks for your businesses, you’ve probably stumbled upon DaaS. DaaS stands for data as a service, which may appear as something overly complicated and expensive to consider. It’s quite the opposite, and it has the power to help a company leverage IoT and cloud data without investing heavily in infrastructure and software. To truly assess whether it is complicated to implement and what benefits it delivers, you need to know what DaaS is.

APIs: Risks and security solutions

APIs have become a vital part of doing business. Organizations increasingly rely on the use of APIs for day-to-day workflows, particularly as cloud applications become something of a mainstay. A recent report found that the average number of APIs per company increased by 221% in 2021. Not only are APIs impossible to ignore, but the need to invest in API security cannot be overlooked. The trend in usage is closely followed by opportunists seeking ways to exploit vulnerabilities for their gain.

8 blockchain security issues you are likely to encounter

Blockchain technology has grown up in popularity in recent years. Excluding its initial application in cryptocurrency, it's currently getting used in property, healthcare, smart contracts and many other fields. The technology collects and stores information in groupings referred to as “blocks” and every block will hold a collection quantity of knowledge.

Credential theft food chain-What is Ransomware-as-a-Service

Anyone who has watched the Lockpicking Lawyer realizes that certain locks promoted as the latest-and-greatest aren’t necessarily the most reliable devices for securing physical assets. Like many other security professionals, he seeks to educate consumers and manufacturers on defects in devices and how to improve their security. It reminds me of a quote by Deviant Ollam (security auditor and penetration testing consultant): "Security is achieved through openness.

How to unite security and compliance in 5 simple ways

We have entered the era of data compliance laws, but regulations have not quite caught up to the level of risk that most organizations are exposed to. Uniting security and compliance is crucial to maintaining regulation standards and ensuring a secure environment for your business. Digital transformation and the rollout of new digital tools are moving faster than the speed of litigation. For example, many industries are utilizing connected IoT tools that significantly increase attack vectors.

Why does preparing for AI attacks need to be your next big agenda?

This blog has been written by an independent guest blogger. Since its advent, the debate over its ethical and unethical use of AI has been ongoing. From movies to discussions and research, the likely adversarial impact AI has had over the world has been a constant cause of concern for every privacy and security-conscious person out there.

Guide to the best data privacy certifications for 2022

According to research by Statista, over 80% of internet users in the US fear that their personal information is vulnerable to hackers. Data privacy defines how organizations and other entities collect data on other individuals, how they process it, for what purposes they collect and process it, how long they keep it, and how they protect it, to name a few. In the modern digital environment, data privacy certifications are essential since they impart the skills needed to become privacy specialists.

Shikitega - New stealthy malware targeting Linux

AT&T Alien Labs has discovered a new malware targeting endpoints and IoT devices that are running Linux operating systems. Shikitega is delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one. An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist.