Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In last week’s discussion around readiness and resilience, I introduced the concept of what it means to have “threat-informed” cybersecurity. This week, I want to show you what that looks like in the real world – how it should drive you to challenge more assumptions, reduce your attack surface, and game out real-world scenarios.

The Office of the Comptroller of the Currency (OCC) has outlined its third-party risk management requirements for United States national banks and federal savings associations in the OCC Bulletin 2013-29. These risk management standards don't only apply to third-party vendor relationships; the OCC expects all banks to follow best third-party risk management practices, whether activities occur internally or through service providers.

Vendor security ratings cannot be adjusted without modifying the criteria for evaluating a vendor’s security posture. Since the ability to make unmitigated adjustments violates the objectivity of security posture measurements, this functionality usually isn’t possible on security rating solutions. However, a workaround is to prevent certain discovered risks from influencing the calculation of a vendor’s security ratings.

Deep packet inspection (DPI), as the name suggests, is a type of network packet filtering and an advanced mode of examining network packets. In DPI, network packets that are transmitted through an inspection point are evaluated. At this inspection point, a DPI tool determines where the packets came from, whether a service or application. With DPI, packets are categorized, inspected, and redirected to prioritize business-critical applications and other online services.

The General Data Protection Regulation (GDPR) is often considered the strictest regulation in the world for securing users’ personal data, with fines for non-compliance reaching more than €20 million. The GDPR applies to all organizations processing the personal data of European Union (EU) residents. Do you find it daunting to read through the complex articles of this regulation?

Commonly referred to as Zerologon, CVE-2020-1472 is the Common Vulnerabilities and Exposures (CVE) identifier assigned to a vulnerability in Microsoft’s Netlogon Remote Protocol (MS-NRPC). MS-NRPC is essential for authentication of both user and machine accounts in Active Directory.

Adversaries use multiple techniques to identify and exploit weaknesses in Active Directory (AD) to gain access to critical systems and data. This blog post explores 3 ways they use PowerShell PowerSploit to elevate or abuse permissions, and offers effective strategies for protecting against them.

Introduction: Fraudulent campaigns aimed at top-level executives through phishing are on the rise. In this technical blog post, we will delve into a particular type of CEO phishing scam that employs an attachment containing an agreement draft. We will examine the attack's technical aspects and suggest preventive measures that businesses can adopt to safeguard themselves.

Digital signature certificates are a must-have for any organization interested in ensuring the authenticity of its data and transactions. As a software developer, you can use them to sign software updates or as a sales manager to authenticate contracts. Digital signature certificates are the ultimate guarantee of security and validity. Digital signature certificates provide a secure and reliable way to verify and authenticate data.

Vulnerability management refers to continuously identifying, reporting, and remediating security risks within the cyber assets from networks to cloud platforms. It becomes vital that good cyber security measures with an extensive vulnerability management system be placed to ensure data and application safety.