Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AT&T Cybersecurity

Can incident response be fun?

Cyber attacks are unfortunately inevitable. It’s important to security harden your networks as much as possible. But your organization must also be prepared for incident response. Effective incident response involves an awareness of various cyber risks and threats, having a plan to respond to the various ways they manifest, and having a team that can think quick on their feet when they actually occur.

Slack phishing attacks using webhooks

Slack is a cloud-based messaging platform that is commonly used in workplace communications. It is feature-rich, offering additional functionality such as video calling and screen sharing in addition to a marketplace containing thousands of third-party applications and add-ons. Slack Incoming Webhooks allow you to post messages from your applications to Slack.

Assess and adapt for resiliency

Admittedly, we are in uncharted territory – what seemed routine a few short weeks ago – commuting to work, going to the gym, or gathering with friends – is now either a daunting task or a non-existent option. This shift has impacted our technology, our workforce, and our business environments almost overnight and with minimal warning.

The Zero Trust Authorization Core

The Foundation of a Zero Trust Architecture (ZTA) talked about the guiding principles, or tenets of Zero Trust. One of the tenets mentions how all network flows are to be authenticated before being processed and access is determined by dynamic policy. A network that is intended to never trust, and to always verify all connections requires technology that can determine confidence and authorize connections and provide that future transactions remain valid.

Common focal points of DoS attacks

This blog was written by an independent guest blogger. Is your company at risk of a Denial of Service (DoS) attack? If so, which areas are particularly vulnerable? Think it’s a crazy question? Think again. In 2020, 16 DDoS attacks take place every minute. DoS attacks require fewer resources, and so pose an even greater threat. In this post, we’ll discuss what a DoS attack is and how it differs from a Distributed Denial of Service (DDoS) attack.

The Power of Community to Fight COVID-19 Cyber Threats

Cybercriminals are taking advantage of the fear and uncertainty surrounding the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch COVID-19 related attack campaigns. The bad guys are moving full-steam ahead in their efforts to lure victims by playing on their fears.

Here is why your healthcare provider cannot accept Venmo payments

Are you using Venmo to send and receive payments? People use Venmo for everything, and in these times when no one wants to handle actual money for fear of spreading infection, Venmo is a brilliant idea. Of course, the difference between Venmo and other mobile payment applications is that Venmo adds a social networking component to its process. While this makes things very easy for transacting payments, it creates some serious privacy concerns.

The foundation of a Zero Trust architecture

Organizations have placed a lot of time, effort and capital spend on security initiatives in an effort to prevent security breaches and data loss. Even the most advanced “next generation” application layer firewalls filtering malicious traffic at the network perimeter has only revealed equal if not greater threats within.

9 Reasons to hire an InfoSec candidate without experience: Focus on skillset vs. experience

This blog was written by an independent guest blogger. $37-$145k jobs for InfoSec specialists without experience. Hiring immediately. This is what a simple internet search has to offer for people looking to get entry-level jobs in Information security (InfoSec), or cybersecurity. It seems like a good deal, considering that the requirements for candidates are much lower compared to many other jobs.

Stories from the SOC- RIG Exploit Kit

AT&T Alien Labs® Open Threat Exchange® (OTX) recently created a pulse for a new threat entitled the RIG Exploit Kit which had been observed distributing ransomware to victim companies across a variety of industry verticals. This exploit was discovered by BroadAnalysis who outlined the exploit’s intricacies in a whitepaper that was released December 2, 2019.