Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why CJIS mobile compliance might be easier than you think

Although we just wrapped up National Cybersecurity Awareness Month in October, security professionals never take a break — because cybercriminals don’t either. That’s especially true for folks who work in law enforcement. Every day they are on the front lines helping to protect the public and solve crimes using Criminal Justice Information (CJI) such as crime reports and fingerprints.

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol designed to protect your organization's email domain from being used in email spoofing. Email spoofing is often used for social engineering attacks like business email compromise attacks, phishing or spear phishing emails, email scams and other cyber attacks.

Just 12% of ICS Security Pros Very Sure of Orgs' Ability to Respond to Digital Attacks

Malicious actors are increasingly launching digital attacks against industrial organizations. Many of these campaigns have been successful, particularly those that have targeted energy utilities and manufacturing plants. In late spring 2019, for instance, aircraft parts manufacturer ASCO temporarily suspended operations worldwide after falling victim to a ransomware attack.

What is an Exploit?

An exploit is a piece of software, data or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or to gain unauthorized access to sensitive data. Once vulnerabilities are identified, they are posted to the Common Vulnerabilities and Exposures (CVE) list. CVE is a free vulnerability dictionary designed to improve global cyber security and cyber resilience by creating a standardized identifier for a given vulnerability or exposure.

8 Top Technical Resource Providers for ICS Security Professionals

Organizations are increasingly preoccupied with strengthening the digital security of their industrial control systems (ICS). They no doubt heard FireEye reveal that it had detected a second intrusion by the same actor behind Triton malware at a second critical infrastructure organization. More recently, they likely heard confirmation of a digital attack that struck the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu, India back in September.

Egnyte Metadata Intelligence Provides Structure to Your Enterprise Content

The great management thinker, W. Edwards Deming, famously said something to the effect of, “If you can’t measure it, you can’t manage it.” It’s hard to argue with Deming’s logic, but there’s a consideration that comes before measurement, and that’s discovery. Before anyone measures or manages anything, they have to be able to accurately find and understand the things being measured, managed, improved, and transacted.

Considerations for taking the CompTIA Security+ exam

I recently took – and passed – the CompTIA Security+ exam (Sec+). Sec+ is a general introduction to multiple functional areas of security, ranging from network security to access control and identity management, for anyone looking to break into the space. For context, I have no previous training as a network or security professional, and my educational background was finance and Russian, nothing related to security.