Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Ignyte UFCU testimonial video

Jan 14, 2020 By Ignyte In Ignyte
University Federal Credit Union is a #diverse, member-owned cooperative that seeks to bring about #human and social development in full #accordance with International Credit Union Operating Principles. Laura Rea, Senior Manager Assurance Services at UFCU and the #Supervisory Committee were looking for a way to #tie together the #disparate security components and #review them collectively for a better look at the organization’s overall #security posture.
View Video
tripwire

Android Banking Trojans: History, Types, Modus Operandi

Jan 14, 2020 By Tripwire Guest Authors In Tripwire

One sunny morning, my breakfast was interrupted by a phone call from a friend who is an entrepreneur engaged in the transportation of various goods. He said that $11,000 disappeared from his bank account during the night. The bank support service could not help. They advised my friend to report this incident to the police. The money transfers were made using the mobile application and confirmed via SMS. Everything looked like completely legal financial transactions.

Read Post
elastic

Mac system extensions for threat detection: Part 2

Jan 14, 2020 By Will Yu In Elastic

In the previous post, we covered some of the frameworks accessible by kernel extensions that provide information about file system, process, and network events. These frameworks included the Mandatory Access Control Framework, the KAuth framework, and the IP/socket filter frameworks. In this post, we will go into the various tips and tricks that can be used in order to obtain even more information regarding system events.

Read Post
bearer

The top 4 reasons to start monitoring third-party APIs

Jan 14, 2020 By Mark Michon In Bearer

How resilient is your application? Maybe you've set up a suite of logging tools, an APM, and tests to handle all your own code. What happens when a third-party API goes down? What happens when it stays up, but slows down to the point that your dependent services start to fail? Finding a modern application that doesn't rely on third-party APIs is rare, particularly with the abundance of social login and sharing.

Read Post

What is the difference between a Vulnerability Assessment & a Penetration Test?

Jan 14, 2020 By JUMPSEC In JUMPSEC
JUMPSEC Jargon Buster - What is the difference between a Vulnerability Assessment & a Penetration Test, Thom explains. Vulnerability assessments typically rely on vulnerability scanning tools to identify technical vulnerabilities making use of pre-configured test cases and signatures. A penetration test takes a contextual view of the target, combining many vulnerabilities and information sources in order to craft specific attacks with the goal of finding security weaknesses. Simply put a penetration test mimiks a skilled attacker, whereas a vulnerability assessment provides a baseline against common known weaknesses.
View Video

How does Red Teaming differ from a Penetration Test?

Jan 14, 2020 By JUMPSEC In JUMPSEC
JUMPSEC Jargon Buster - Nikoo explains how Red Teaming differs from a Penetration Test. There are a number of ways that a red teaming exercise differentiate from a pen test. Firstly, the scope of standard penetration test is usually clearly defined with the goal to identify as many vulnerabilities as possible and attempt to exploit them on the stated targets during the engagement.
View Video
alienvault

How to identify phishing emails and what to do

Jan 13, 2020 By Jason Nelson In AT&T Cybersecurity

Phishing scams remain one of the most widespread cybercrimes. A phishing scam can be as simple as getting someone to click on a link, attachment, or a picture of cute kittens. I recently received a spam email with the message: “Old friends post embarrassing pictures of Jason Nelson online; click here to see.” Seeing my name in the body or subject line of an email is alarming. That is why scammers word these emails this way.

Read Post
upguard

What are the CIS Controls for Effective Cyber Defense?

Jan 13, 2020 By Abi Tyas Tunggal In UpGuard

The CIS Critical Security Controls are a prioritized set of actions for cybersecurity that form a defense-in-depth set of specific and actionable best practices to mitigate the most common cyber attacks. A principle benefit of the CIS Controls are that they prioritize and focus on a small number of actions that greatly reduce cybersecurity risk.

Read Post

RDS: Do Not Allow COM Port Redirection- The Policy Expert

Jan 13, 2020 By CalCom In CalCom
Do Not Allow COM Port Redirection will determine whether the redirection of data to client COM ports from the remote computer will be allowed in the RDS session. By default, RDS allows COM port redirection. It can be used, for example, to use a USB dongle in an RDS session.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.