Last month, Corelight had the distinct privilege of joining Cisco, NetWitness, Palo Alto Networks, Arista, and our internet service provider, MyRepublic, to provide availability and network security overwatch to the Black Hat Asia network in Singapore. This marked our first appearance in the Black Hat Network Operations Center (NOC).
There are risks associated with providing your confidential information online, but it’s necessary in a modern world that requires Personally Identifiable Information (PII) to create accounts, purchase goods online, complete your taxes or receive a paycheck. Your data could become vulnerable through no fault of your own. Data breaches are common, and your account information could get leaked. If your data is intercepted by threat actors, it could be sold to cybercriminals on the dark web.
Welcome to the era of data domination! Every day, 2.5 quintillion bytes of data flood the digital landscape, estimates Forbes, with a whopping 90% of data created in just the last two years. While this growth presents many opportunities for organizations, it also introduces many challenges. That’s where data governance comes in. It’s a critical practice for businesses trying to navigate data management and data security.
In the fast-paced world we live in, where organizations face increasing threats to their security and protecting sensitive information, implementing robust security measures is paramount. Static passwords have proven inadequate in safeguarding data from unauthorized access and data breaches. However, there is a solution that addresses these vulnerabilities: time-based one-time passwords (TOTP).
Privileged accounts are the prime target of cybercriminals hoping to access an organization’s assets. Without a way to keep track of, secure, record and analyze privileged users and the privileged sessions they perform, it’s only a matter of time before a hacker finds their way into your more critical assets. That’s where setting Privileged Access Management standards comes in.
The Wall Street Journal today revealed that North Korea's hacker army managed to steal a huge amount of cryptocurrency amounting to $3 billion to finance their nuclear program. US officials have confirmed this news. These hackers have a highly sophisticated method of operating. A specific example of their actions involved using a fake job offer to trick a startup into losing over $600 million. By posing as potential employers, they social engineered someone who was hopeful for a better job.
Hybrid cloud takes the capabilities of the public and various private cloud options and merges them, allowing businesses to host different workloads within different environments depending on their performance, security, and resource needs. Companies leveraging a hybrid cloud strategy promote business competitiveness and agility, allowing them to respond to changes in resource demands quickly.
Iran's uranium enrichment facilities were some of the most high-security buildings in the world. Not just with physical checkpoints and guards, but with air-gapped digital defenses. All of that security became moot in 2010 when Stuxnet devastated the facility.
A Denial of Service (DoS) attack will prevent your legitimate users from accessing your API. The attack could be physical, such as unplugging network cables, but a Distributed DoS is more prominent. It involves generating a volume of user requests from various machines to overwhelm your servers. DDoS attacks can result in a loss of $50,000 of revenue due to downtime and mitigation.
Verizon's 2023 DBIR shows trends for incidents and breaches from the last year. Read our recap to see how credential leakage is helping malicious actors gain entry.
