We’ve talked a lot on this blog about protecting controlled unclassified information, and we’ve mentioned in places some other kinds of information, like classified and secret information, covered defense information, and other protected information. There’s one thing all of this information has in common: it’s generated by the United States government.

Welcome back to the next blog in our Evolution of Scalping series. During our last blog we covered the landmark case that exposed the power of automated purchasing – Wiseguy Tickets. We detailed their operation and their use of bots, which allowed them to snatch up huge volumes of available tickets for high-demand events.

If your organization runs on Microsoft Active Directory, you rely on one or more domain controllers to keep AD operations going. On the surface, Active Directory seems to run on a peer-to-peer models in which every domain controller (DC) has the authority to create, modify, and delete AD objects. That is because every domain controller holds a writable copy of its domain’s partition, the only exception being read-only DCs.

These days, we use Gmail for everything from customer service to telehealth. Over time, your Gmail account might become a treasure trove of sensitive PII, PCI, PHI, and passwords that hackers can leverage. In fact, as of this year, just under half of all data breaches involve email. So, what can you do to protect your inbox? Enter: email encryption.

Here we provide an overview of the ISO 27001 audit process, so companies can embark on it with a clear idea of what it entails, and how they stand to benefit.

In this article, we’ll take a deep dive into osquery tables, by talking about osquery’s ‘file table’ which has some powerful abilities, along with its fair share of limitations.

Recently, there have been a number of attacks on high-profile centralized exchanges (CEXs) in the digital asset space. We feel it is critical to highlight some of the most common attack vectors in this area so that, in the future, CEXs can adequately protect themselves, their institutional trading partners, and their retail customers.

Increasing digitalization and connectivity mean the attack surfaces of most organizations are growing. This means more IT assets to track and manage, plus more potential attack routes for threat actors to target. The threat situation is constantly increasing, especially in the area of vulnerabilities – last year over 30,000 new vulnerabilities were published. So how can you get an accurate view of your attack surface and where it might be open to exploitation?

On September 5th, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) issued an urgent advisory warning security teams about efforts undertaken by threat actors affiliated with Russia’s General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155).

Yes, cyber attacks including phishing, malware and ransomware attacks, continue to increase in 2024. According to Keeper Security’s recent study, 92% of IT leaders say cyber attacks are occurring more frequently today than in 2023. Continue reading to learn which types of cyber attacks have increased in 2024, emerging cyber threats and how to protect your organization from cyber attacks.