Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

5 Things to Learn About COBIT

You can’t do large-scale business in 2024 without having a successful, well-run IT infrastructure. Arguably, it’s difficult to do any sort of business well (large or small) without tuning your IT capabilities to your business objectives. This allows them to work as one, not against each other. COBIT is a framework created by ISACA (International Systems Audit and Control Association) to do this very task.

New Discovery Service Boosts Security and Efficiency for IT Admins in the CyberArk Identity Security Platform

The new discovery service, delivered by the CyberArk Identity Security Platform, introduces new capabilities and streamlines the scanning of environments containing *nix, Windows and MacOS target machines. The new service offers SaaS-based flexible scans, local accounts discovery based on endpoint agents, data collection and enhanced automation using Discovery rules.

How To Prevent Secrets Sprawl

Where are your credentials and secrets, and how are you protecting them? These are fair questions, considering the pervasiveness of secrets sprawl. We recently conducted research over 12 months to determine where enterprises’ secrets were residing within their systems, like GitHub, Confluence, Zendesk and Slack. In addition to API keys and passwords, secrets like SSL certificates, usernames and others are spilling into enterprises’ cloud environments and increasing the risk of a breach.

RBAC vs ABAC: Which Should You Use?

The main difference between Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) is how they grant access to users and resources. RBAC focuses on granting access to users based on their roles within an organization, while ABAC grants users access based on their characteristics, such as their environment. Continue reading to learn more about RBAC and ABAC, their crucial differences and which form of access control your organization should use.

Threat Context Monthly: Executive intelligence briefing for October 2024

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from October.

NSA Suite B Encryption: Understanding Its Role in Securing Sensitive Data

Since data breaches are becoming more common and online threats are always changing, strong encryption methods are needed to keep private data safe. NSA Suite B Encryption is one of these standards. It was made by the National Security Agency (NSA) to provide a group of safe cryptographic methods. These algorithms are very important for keeping private information safe in many areas, such as the government, the military, and the private industry.

High Availability vs. Disaster Recovery: Key Differences

Protecting your business-critical data and applications requires understanding two essential strategies: high availability and disaster recovery. While both aim to keep systems operational, they serve distinct purposes and operate on different timelines. This article explains these key differences, provides implementation best practices, and showcases advanced solutions that combine these crucial strategies.

Is Venmo Safe?

Yes, Venmo is generally safe to use; however, there are always risks when using the mobile payment app. Some risks you should be aware of include Venmo scams, account compromises and data breaches. Typically, people use Venmo to pay friends back when they owe money or split the bill at a restaurant. Although Venmo allows you to send and receive money, it is much safer to use the app when transactions are made with people you know and trust.

The £3 Million Daily Heist

A recent report from UK Finance covered by the BBC paints a concerning picture of the evolving landscape of financial fraud. With a 16% rise in fraud cases and criminals stealing over £3 million daily, it's clear that awareness of cybersecurity threats has never been more crucial. Why Social Engineering Continues to Triumph At the heart of many of these scams is the fact that even the most robust technological defenses can be circumvented by exploiting humans.

Threat Actors Compromise Valid Accounts Via Social Engineering

Phishing remains a top initial access vector for cyberattacks, according to researchers at Cisco Talos. The researchers have published a report on threat trends in the third quarter of 2024, finding that attackers are increasingly targeting valid accounts to gain footholds within organizations.