Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Another year, another reshaping of the never-boring and constantly evolving world of online crime. Old favorites like phishing, MITM attacks, and, of course, ransomware carried on strong while new variations and tricky workarounds continued to develop. For our final monthly cyber attack roundup of the calendar year, let’s take a look at four cases that stood out for the versatility of their executions, the escalation of their tactics, and/or the aggressiveness of their perpetrators.

I am often struck by the similarities in the skill set required for both parenting and cybersecurity. With children—as with employees—it is much easier to keep everyone safe if you have a little bit of visibility into what’s actually going on. The hardest child to parent effectively is one who shuts themselves away in their bedroom, operating in isolation and giving no clues as to the risks they may be exposing themselves to.

In the language of technology, a sandbox is a safe testing environment that is isolated from the rest of your network or system. Developers use sandboxes to test their code before deployment. In cybersecurity, suspicious and potentially unsafe programs, software, and attachments are executed in sandboxes to detect malware and to avoid any harm implicated by them. The use of a sandbox enables you to safely download, open, examine, or run unknown files, providing an additional layer of security.

CISOs – the senior level executives responsible for developing and implementing cybersecurity programs for corporations and other organizations – are not happy campers these days. And it’s not just because they are chronically understaffed and under constant pressure.

Many organizations today develop, build and deploy cloud native applications that utilize infrastructure and services offered by cloud computing providers like AWS, Azure or Google Cloud Platform (GCP). This trend highlights a critical consideration for organizations — how to secure applications, infrastructures and data in cloud-native systems.

Uncover the mysteries behind Certificate Authorities and how they play an integral role in secure communication. Explore what is a Certificate Authority comprehensive guide now! Certificate Authorities (CA) play a key role when obtaining a digital security certificate. They are similar to driving licensing authorities but for the digital world where they verify the business identity before issuing any security certificate.

Network security: LAN Manager authentication level setting in Windows controls the level of authentication used by the LAN Manager (NTLM) protocol. LAN Manager (LM) and NTLM are the Microsoft Windows implementations of the challenge-response protocols used for authentication.

VodafoneIdea Limited, a leading Indian Telecom Operator has successfully achieved SOC2 Attestation. After undergoing a rigorous auditing process, VodafoneIdea achieved SOC2 Attestation from VISTA InfoSec, a well-known Global Cybersecurity Consulting, and Certification organization. The SOC2 Audit and Attestation is an assessment of internal controls and security practices conducted by the independent auditors of VISTA InfoSec.

Audit Policy: Object Access: Certification Services” is a setting in the Windows operating system that controls whether or not the system generates audit events when a certificate is requested or used for authentication purposes.

We continue to innovate quickly to help you improve your compliance and security programs. This past month, we launched our own security awareness training video, along with these exciting platform updates: ‍