Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2018

The Pitfalls Of Leaked Administrative Passwords

The most well-known type of system credential is the administrative, or root password. These types of accounts are “administrators,” meaning they usually have total access to whatever system they are for. Administrator accounts are used by your IT staff or contractors to manage the basic operations of a system. These operational tasks could include maintenance, data migrations, and other common IT work that requires elevated access beyond normal business use.

The DevOps Career Guide

Perhaps your organization is looking to make a transition from traditional IT operations and development practices to DevOps, or you're looking to realign your career path with DevOps to position yourself more favorably to future opportunities. Whatever your motivations are, this eBook will provide you with foundation knowledge for boosting your career with DevOps.

How Trade Secrets Can Be Abused By An Attacker After A Data Breach

Even as public awareness of data breaches grows, the popular conception of what information is sensitive, and how sensitive it is, lags behind the threats that individuals, businesses, and governments face today. The classic model for a data breach is individuals’ login credentials for banking or private identity information like their social security numbers, but there is equal– and in many cases far greater– value in information with less obvious potential for abuse.

Resilience in the Age of Automated Hacking

When we think about cyber attacks, we usually think about the malicious actors behind the attacks, the people who profit or gain from exploiting digital vulnerabilities and trafficking sensitive data. In doing so, we can make the mistake of ascribing the same humanity to their methods, thinking of people sitting in front of laptops, typing code into a terminal window.

Data Exposure Types: System Information

There are many different kinds of sensitive data that can be exposed, each with its own particular exploits and consequences. This article will focus on what we have categorized as “systems information,” data that describes digital operations, such as systems inventory, configuration details, data center and cloud design, performance metrics and analyses, application code, and IT business data, such as equipment spend, vendor discount, and budgeting.

The Dangers of Publicly Writable Storage

During the course of UpGuard’s cyber risk research, we uncover many assets that are publicly readable: cloud storage, file synchronization services, code repositories, and more. Most data exposures occur because of publicly readable assets, where sensitive and confidential data is leaked to the internet at large by way of a permissions misconfiguration.

Why Do Cloud Leaks Matter?

Previously we introduced the concept of cloud leaks, and then examined how they happen. Now we’ll take a look at why they matter. To understand the consequences of cloud leaks for the organizations involved, we should first take a close look at exactly what it is that’s being leaked. Then we can examine some of the traditional ways information has been exploited, as well as some new and future threats such data exposures pose.

Can Fast Food be Bad For Cybersecurity?

No, we aren't talking about your burger-inhaling operator passing out on the job, leaving your precious IT assets unattended. You've probably guessed that we're referring to the latest Wendy's data breach announcement: on June 9th, the international fast food chain disclosed that its January 2016 security compromise was, in fact, a lot worse than originally stated—potentially eclipsing the Home Depot and Target data breaches.

Systema Systems' Data Exposure and Cloud Security For The Insurance Industry

The insurance industry has been consistently targeted for cyber attacks as of late, for good reason: sensitive data is at the heart of every process—from handling health insurance claims to archiving medical histories. And because medical records are worth ten times more than credit card information on the black market, firms handling said data are required to take extra precautions in bolstering information security.

Enabling Visibility with UpGuard and ServiceNow

ServiceNow® customers optimizing their IT service delivery and management processes require deeper context and detail level behind IT asset changes--information the leading help desk automation and incident reporting platform does not provide. In this report you'll learn how UpGuard fills this visibility and awareness gap, keeping ServiceNow® in line with the true state of your environment.