Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If your company does any business with the U.S. Department of Defense, you will be required to comply with CMMC 2.0 to be considered for future contracts. It doesn’t matter if you sell a product or a service, if DoD business is only a small part of your revenue, or if you are only a subcontractor. You will still be required to comply, even if the work you do hasn’t changed. Your business needs to start building a roadmap for CMMC Level 1 or Level 2 compliance.

Protecting devices, data, or systems from cyber threats is what cyber security is all about. These cyber-attacks are usually aimed at gaining access to, destroying, or stealing sensitive data, or consumers’ money and disrupting online transactions and business operations. Implementing an effective cyber security system is critical, as the task has grown increasingly difficult.

Despite wide-spread knowledge on the risk of using a weak password, 123456 is still a common password in use by a number of users. You’re probably wondering who would still use this password. Well, close to 103 million people around the world according to NordPass’ report. While this is alarming, let’s just take a moment to consider why users choose simple, easy-to-remember passwords despite being aware of the risks. Password overload: How big of a concern is it?

ePHI stands for electronic protected health information. Electronic protected health information is protected under the Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA. ePHI security is governed by the HIPAA Security Rule. With the rise of telehealth, covered entities need to understand the requirements for safely transmitting, storing, and using ePHI to be compliant with the Security Rule and to protect a patient’s privacy.

A manufacturing organisation providing direct goods and services is known as a vendor. If the same services and products are provided on behalf of a direct vendor, they are known as third-party vendors. Third-party vendors always have a direct written contract, but not each vendor and organisation works with contracts. The definition of an entity as a third-party vendor depends on the organisation hiring its services.

This month, Microsoft announced a vulnerability in NFS. The exploit lies in how an attacker can force a victim NFS server to request an address from the attacker’s fake NFS server. The address returned will overflow memory on the victim NFS server and cause a crash. Through Microsoft’s MAPP program, Corelight Labs reviewed a proof-of-concept exploit for this vulnerability and wrote a Zeek®-based detection for it. You can find a PCAP of this exploit in our GitHub repository.

This month, Microsoft announced a vulnerability in PPTP, a part of the VPN remote access services on Windows systems that runs on port 1723/tcp. Through Microsoft’s MAPP program, Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek®-based detection for it.

With the Internet's widespread growth, South Africa has become quite dependent on it for economic affairs. This sharing of self-generated data is a boon to all business transactions and even social interactions. The increased dependence on the digital world raises significant concerns about cyber security. Cybercrime is a global problem that has affected South Africa, both in the private sector and in government.

The great thing about working in the world of cybersecurity is that there’s always something new. You may think you’ve seen it all, and then something comes along that completely surprises you. And that’s certainly true of the GoodWill ransomware, which security firm CloudSEK described this week.