Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Ransomware: How to Combat a Growing Threat to Your Organization

Ransomware is a serious threat to institutions of all kinds, resulting in mounting costs for organizations that must literally pay ransom to regain access to their essential systems. A ransomware attack takes place when a cybercriminal denies an organization access to the data it needs to conduct business, usually by encrypting the data with a secret key. The attacker then offers to reveal the encryption key in exchange for a payment. The payment can vary in amount or kind.

How Blockchain could transform smart-home privacy tech

About the time that Bitcoin was becoming a household name in the cryptocurrency business, an associated up-and-coming technology called blockchain was making waves and being hailed as the next big thing. Then it all but disappeared from the pages of the tech journals and websites. In other words, the big splash never materialized. Looking back, the problem was that it was so new and revolutionary that nobody knew what to do with it yet.

How guardrails secure and accelerate K8s deployments

It’s clear from the latest Cloud Native Computing Foundation survey that containerized environments have become mainstream, increasing automation at scale for companies. But, in the cloud-native environment, changes are constant and runtime is extremely dynamic. And while automation can help eliminate manual work, it can also replicate mistakes and risk at cloud scale.

Secured access to business-critical resources for your remote workforce

Over the past several years, telecommuting, or remote work, has gained significant traction across a wide variety of industries. According to a recent survey conducted by OWL Labs, 48 percent of employees worked from home at least once a week in 2019, and 34 percent were even willing to take a pay cut in order to work remotely.

How a Common Data Environment Can Create Order for Construction Content

Like many businesses today, the construction industry is in a state of transition. In recent years, construction workflows have become information-driven, just as workflows have in other industries. Many industries have risen to the challenge and made full use of digital technologies to transform themselves. However, for reasons that have a lot to do with how construction operates, the digital transformation of construction has lagged.

Between Two Alerts: Phishing Emails - Don't Get Reeled In!

Potential attackers are really good at what they do. Security analysts see this firsthand with the amount of phishing emails their organizations see daily. A newly released State of the Phish report reveals that nearly 90% of organizations dealt with business email compromise (BEC) attacks in 2019. End users reported 9.2 million suspicious phishing emails globally for the year.

How to Prevent Third-Party Vendor Data Breaches

Third-party vendor data breaches are becoming an epidemic for organizations that themselves have solid information security programs. The Ponemon Institute has proven year over year in its survey that the cost of third-party data breaches increases with each survey. Many struggle with how exactly to hold third-party vendors accountable and enforce the same rigid standards and controls that they consume internally. The big question is: how do organizations prevent third-party vendor data breaches?

Working from home - new reality for even small businesses

I’m very fortunate in the COVID-19 situation. My job as editor of the AT&T Cybersecurity blog lends itself well to working from home. In fact, even before the virus I had the privilege to work from home some of the time – of course with a VPN and other security measures, on company equipment. The biggest impact has been personal for me. I miss my colleagues at work. I miss the in-person laughs and socializing.

PowerShell and 'Fileless Attacks'

PowerShell had its beginnings as a way to enable administrators to perform their tasks both locally and remotely with unprecedented access to underlying Windows components, such as COM objects and WMI. Since being included in every major Windows Operating System since Windows 7, PowerShell based tooling is well proliferated for both legitimate and malicious use and includes common tooling such as SharpSploit, PowerSploit, PowerShell Empire, Nishang and Invoke-Obfuscation.

SecurityScorecard vs Prevalent Comparison

The average cost of a data breach is now nearly $4 million and the unfortunate truth is third-parties are a significant source of cyber risk. This is why cybersecurity vendor risk management (VRM) has become a top priority for CISOs, Vice Presidents of Security, and other members of senior management, even at the Board level. In addition to financial costs, there are increased regulatory and reputational costs.