Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When your customers reach out for help, they send messages to your support team that likely contain personal information. Help desk ticketing systems can often harvest for personally identifiable information (PII) like email addresses and credit card numbers, while healthcare providers using ticketing systems may request protected health information (PHI) like patient names and health insurance claim numbers or phone numbers.

You may have previously heard about TeamViewer if you’ve ever needed to remotely access another device for the purposes of maintenance or general work activities.

At the Rubrik Data Security Summit, leaders from both the public and private sectors discussed an important topic: ransomware. Cyber threats continue to expand in both volume and sophistication with attacks growing at a rate of 150% annually. As attackers increasingly target backups, it will be even more paramount for policies and guidance from government agencies to match the security innovation of private sector businesses to mitigate the risks of this cyber pandemic head-on.

The Splunk threat research team recently developed a new analytic story to help security operations center (SOC) analysts detect adversaries executing discovery and reconnaissance tasks within Active Directory environments. In this blog post, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PoshC2 & PurpleSharp to then collect and analyze the resulting telemetry to test our detections.

The vulnerability disclosure process involves reporting security flaws in software or hardware, and can be complex. Cooperation between the organization responsible for the software or hardware, and the security researcher who discovers the vulnerability can be complicated. In this blog we’ll look at the vulnerability disclosure process, the parties involved and how they can collaborate productively.

What is your organization’s approach to security events? For many organizations, each security alarm is treated with the same urgency as a fire. While a sense of urgency is good, the ensuing panic that occurs is not a recipe for longevity. The constant shifting of attention from one emergency to the next is fatiguing; it can often lead to mistakes that compound an event. The “all hands on deck” approach is similar to an ineffective method of weeding a garden.

The team at LimaCharlie has been moving some big pieces around the board during the month of September. We have been working on something special. On October 12th we will be running a webinar to demonstrate LimaCharlie’s integration of Red Canary’s Atomic Red Team. Atomic Red Team is a library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments….

As the threat landscape evolves faster than we can keep up with, organizations must be aware of the type of threats they may face. Certain threat types, like ransomware and malware, are more prominent and therefore must be fought with the appropriate resources. On the other hand, some threat types are not prevalent and pose significantly less risk. However, just because a specific threat isn’t as widespread does not mean we shouldn’t take it seriously.

Today’s the first day of October as well as the first day of the 18th annual Cybersecurity Awareness Month. The purpose of Cybersecurity Awareness Month is not only to raise awareness about the importance of cybersecurity, but also to inspire people to improve their cybersecurity posture: whether that be through implementing multi-factor authentication, not clicking that suspicious email attachment, or even writing code more securely by utilizing a tool like Snyk. =)

We’re often asked about single sign-on (SSO) solutions here at 1Password. We get questions like ‘Can we use 1Password and SSO?’ and ‘Why do we need 1Password if our organization uses SSO?’