Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2025

Top tips: Four ways to minimize your digital footprint

Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week, we’re looking at how you can reduce the amount of data you share online and minimize your digital footprint. How would you like it if someone followed you throughout the day, noting every single action you perform, every place you visit, and every interaction you have? Think about it; isn’t this exactly what happens when you use the internet?

How leveraging Address Resolution Protocol ensures seamless networking

Let’s start with the fundamentals: What is Address Resolution Protocol (ARP)? ARP is a vital networking protocol that ensures effective communication between devices on a local-area network (LAN). Its primary function is to map IP addresses to MAC addresses, allowing devices to recognize and communicate with each other within the network. ARP bridges the gap between the logical layer (IP addresses) and the physical layer (MAC addresses).

Living with AI: The Future We Once Imagined

Smartphones, smart homes, and virtual assistants like Alexa and Siri have seamlessly integrated into our daily lives. Yet, many of us rarely stop to think about the technology behind them. We enjoy the convenience these devices offer, but behind the scenes, artificial intelligence (AI) is reshaping the way we live, work, and interact with the world.

The Evolving Importance of Attack Surface Management

As enterprises continue to adopt hybrid and multi-cloud environments, the complexity of managing network security has increased significantly. Attack Surface Management (ASM) has emerged as a critical capability for identifying, monitoring, and mitigating risks across these dynamic environments. Forward Networks’ innovative digital twin technology delivers a compelling solution that addresses the challenges of effective ASM practices.

The State of GitHub Threat Landscape for GitHub Admins - 2024 In Review

In 2024 threat actors were trying to abuse GitHub even more severely than before. There were detected thousands of “ghost accounts” spreading malware. Hackers were also trying to succeed in their malware campaigns using not only repositories but also comments. Moreover, multiple organizations that store their source code on GitHub have experienced data leakage and data breaches. Among those companies are The New York Times, Mercedes Benz, Ultralitics, etc.

Is DeepSeek's Latest Open-source R1 Model Secure?

DeepSeek’s latest large language models (LLMs), DeepSeek-V3 and DeepSeek-R1, have captured global attention for their advanced capabilities, cost-efficient development, and open-source accessibility. These innovations have the potential to be transformative, empowering organizations to seamlessly integrate LLM-based solutions into their products. However, the open-source release of such powerful models also raises critical concerns about potential misuse, which must be carefully addressed.

Guide: FedRAMP Requirements for Vulnerability Scanning

FedRAMP is a key part of maintaining the digital security of the federal government, by way of enforcing security rules across departments and the cloud service providers that work with them. Any CSP that wishes to work with a federal agency or department and handle controlled information needs to obtain an authority to operate (ATO) from the program management office. Part of that ATO is the continuous monitoring of the CSP’s systems to ensure ongoing security in a changing world.

How SMB Misconfigurations Can Lead to Full Network Takeover: A Red Team Case Study

Server Message Block (SMB) is a ubiquitous protocol used for file sharing, remote access, and resource management across enterprise networks. While critical for business operations, its misconfigurations can expose vulnerabilities to attackers. In this blog post, we’ll dive into a real-world red team operation where a simple yet effective PowerShell-based tool led us from SMB enumeration to full network takeover.