Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Don't Put Real Answers Into Your Password Reset Questions

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset questions with real answers! It’s not Jeopardy! You don’t have to answer the questions correctly. In fact, you’re putting yourself at increased risk if you do. Instead, give a false question to any required password reset answer.

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl describes three separate BEC attacks launched by this threat actor. In one case, the attackers compromised a Microsoft 365 account belonging to an individual working at a small non-profit.

New VPN Credential Attack Goes to Great Lengths to Obtain Access

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network. This is one of the most advanced initial access attacks I’ve seen. Security analysts at GuidePoint Security have published details on a new attack that tricks users into providing the attacker with credentialed access.

The Importance of DevSecOps in Mobile Apps

Some of the biggest and most successful businesses around the globe adopt a security-first strategy right from day one to ensure sustainability in growth. Regarding scalability, faster time to market, or competitive advantages, security must sit right at the top of business strategy. Security ensures that regular business operations and innovations remain uninterrupted pre or post-production.

An Introduction to Threat Monitoring

According to CIS, just in the first half of 2024, malware-based threats rose by 30% from 2023. A similar 30% year-over-year increase was also found in cyber attacks in 2024 in a report by Check Point Research. With such alarming statistics, it is evident that the need for threat monitoring has become more critical than ever before. In this blog post, we'll explore what threat monitoring entails, why it's essential, and how you can implement best practices to safeguard your business.

My CUPS Runneth Over (with CVEs)

The Common Unix Printing System (CUPS), a standard component in nearly every Unix-like and Linux system, has recently come under scrutiny due to a series of critical vulnerabilities discovered by security researcher Simone Margaritelli. These issues, collectively known as the CUPS vulnerability, expose Linux and Unix environments to potential remote code execution and information disclosure risks.

How to Add Azure Account as a Datasource

In this BDRSuite demo, I’ll guide you through adding an Azure Account as a Data Source in BDRSuite Backup Server.` BDRSuite provides robust protection for your Azure data, allowing you to back up and recover virtual machines, storage accounts, and other Azure resources efficiently. It supports flexible storage options, secure backups, and easy recovery processes.

What Is ARM64 and Why Should You Use It?

In this video, learn what ARM64 is, its architecture, its advantages over x86 and other processors, and other general benefits. Resources and social media: Transcript: If you’re wondering what ARM64 is, let’s flash back a few years… During the 2000s, ARM processors led the way in the mobile revolution, providing our smartphones and tablets with serious computing power. ARM’s 32-bit chips were built on reduced instruction set computer (RISC) architecture that clocked speeds of 1 to 2 GHz, and became the dominant chip inside the devices we put in our pockets.