In December 2020, the U.S government announced that it fell victim to what is believed to be the largest security breach in the nation's history. The breach occurred through an innocuous IT update from the Government's network monitoring vendor, SolarWinds. This monumental breach exposes a novel and powerful method of clandestinely penetrating even the most sophisticated security defenses through third-party vendors - supply chain attacks.
At Nightfall, we believe in the power of learning from those who have done it before. That’s why we created CISO Insider — a podcast interview series that features CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations.
URL filtering is one of the most common types of web filtering techniques used by organizations to restrict the kinds of content that their users may access. URL filtering blocks users from loading questionable websites or hosted files via corporate device or network resources. The filter is triggered by comparing the URL address a user is trying to access against policy lists that specify whether to block, allow, and/or track visits to certain URL addresses.
Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk. While this technique is known and commonly used by Windows malware, it is less popular in Linux environments. The loader decrypts the malicious malware and executes it using memfd create (as described in this blog in 2018).
With many financially-motivated threat actors targeting cryptocurrency, it comes as no surprise that users of 'Stellar', an opensource blockchain payment network, have recently been targeted in a somewhat convincing attack in an attempt to steal their holdings of Lumen (XLM), an 'altcoin' cryptocurrency.
Over the past several years, there have been many changes to software development and software security, including new and enhanced application security (AppSec) scans and architectural shifts like serverless functions and microservices. But despite these advancements, our recent State of Software Security (SOSS) report found that 76 percent of applications have security flaws.
The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the last in a series of posts highlighting the most important elements of the four steps. Previous posts covered Step 1, establishing a foundation of centralized, scalable visibility, Step 2, extracting intelligent insights from your data, and Step 3, supercharging your analysts with the power of automation.
The IoT Cybersecurity Act, which aims to reduce the supply chain risk to the federal government arising from vulnerable IoT devices, was recently passed into law, and its effects are expected to carry over into private enterprise. Critics felt the law was long overdue: as found in the Nokia Threat Intelligence Report 2020, IoT devices are now responsible for 32.72% of all infections observed in mobile networks, representing an increase of 16.55% since 2019 alone.
The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help.
