There are several types of data or information that can be leaked during a data breach. This include: Though hackers are fast and sophisticated in their operations, nevertheless, some best practices and efficient security tools can help organizations and individuals contain this problem. Here is some help.

Phishing attacks aren’t going away anytime soon. The numbers from Verizon’s 2019 DBIR Report and SANS Institute prove only one thing: When you’ve done all you can to protect against phishing attacks, that means it’s time to do more.

Online shopping has become an increasingly popular trend in the past few years as people find it more convenient to buy from the comfort of their homes. You can get pretty much anything and everything from online stores: groceries, clothing, jewelry, electronics and other household items. Yet, we need to consider for a moment if all these online financial transactions taking place are safe – and how can we ensure our protection from online frauds such as identity theft and phishing attacks.

In our last release of the PowerShell security series, we talked about how PowerShell could be leveraged by malicious actors to gain unprecedented access to your organization’s critical assets. From enumerating sensitive domain information and carrying out credential-based attacks to running malicious executables in memory (file-less malware), we shined a light on the potential of PowerShell and why it’s an ideal weapon for cyber attackers today.

As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.

Teleport 4.2 introduced a new feature called Enhanced Session Recording that takes an unstructured SSH session and outputs a stream of structured events. It’s the next step in Teleport’s evolution that uses new technology (eBPF or now simply known as BPF) to close some gaps in Teleport’s audit abilities. Below you can see an illustration of this feature and if you keep reading, we’ll get into some of the technical details.

The Consensus Assessments Initiative Questionnaire (CAIQ) is a security assessment provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess information security capabilities of cloud providers.

What is red teaming? How is it different from conventional penetration testing? Why do we need blue, red, and white teams? How are cyber-drills carried out, and what results should be expected? In this article, we will answer these and other questions related to red teaming.